ansible-collections/google.cloud
1
0
Fork 0
mirror of https://github.com/ansible-collections/google.cloud.git synced 2025-09-30 21:43:28 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

GCP Bug Fixes (#48276)

Browse source 
* GCP Bug fixes

* added util file changes
This commit is contained in:
Alex Stephen 2018-11-15 05:44:10 -08:00
commit d64785e811
80 changed files with 14198 additions and 13862 deletions
Download patch file Download diff file Expand all files Collapse all files

2
plugins/module_utils/gcp_utils.py
View file

@ -149,7 +149,7 @@ class GcpModule(AnsibleModule):
arg_spec, arg_spec,
dict( dict(
project=dict( project=dict(
required=True, required=False,
type='str', type='str',
fallback=(env_fallback, ['GCP_PROJECT'])), fallback=(env_fallback, ['GCP_PROJECT'])),
auth_kind=dict( auth_kind=dict(

60
plugins/modules/gcp_compute_address.py
View file

@ -53,13 +53,15 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
address: address:
description: description:
- The static external IP address represented by this resource. Only IPv4 is supported. - The static external IP address represented by this resource. Only IPv4 is supported.
An address may only be specified for INTERNAL address types. The IP address must An address may only be specified for INTERNAL address types. The IP address
be inside the specified subnetwork, if any. must be inside the specified subnetwork, if any.
required: false required: false
address_type: address_type:
description: description:
@ -68,37 +70,42 @@ options:
required: false required: false
default: EXTERNAL default: EXTERNAL
version_added: 2.7 version_added: 2.7
choices: ['INTERNAL', 'EXTERNAL'] choices:
- INTERNAL
- EXTERNAL
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. - Name of the resource. The name must be 1-63 characters long, and comply with
Specifically, the name must be 1-63 characters long and match the regular expression RFC1035. Specifically, the name must be 1-63 characters long and match the regular
`[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must
letter, and all following characters must be a dash, lowercase letter, or digit, be a lowercase letter, and all following characters must be a dash, lowercase
except the last character, which cannot be a dash. letter, or digit, except the last character, which cannot be a dash.
required: true required: true
network_tier: network_tier:
description: description:
- 'The networking tier used for configuring this address. This field can take the - 'The networking tier used for configuring this address. This field can take
following values: PREMIUM or STANDARD. If this field is not specified, it is assumed the following values: PREMIUM or STANDARD. If this field is not specified, it
to be PREMIUM.' is assumed to be PREMIUM.'
required: false required: false
version_added: 2.8 version_added: 2.8
choices: ['PREMIUM', 'STANDARD'] choices:
- PREMIUM
- STANDARD
subnetwork: subnetwork:
description: description:
- The URL of the subnetwork in which to reserve the address. If an IP address is specified, - The URL of the subnetwork in which to reserve the address. If an IP address
it must be within the subnetwork's IP range. is specified, it must be within the subnetwork's IP range.
- This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes. - This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER
purposes.
- 'This field represents a link to a Subnetwork resource in GCP. It can be specified - 'This field represents a link to a Subnetwork resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork
task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively, task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively,
you can set this subnetwork to a dictionary with the selfLink key where the value you can set this subnetwork to a dictionary with the selfLink key where the
is the selfLink of your Subnetwork.' value is the selfLink of your Subnetwork'
required: false required: false
version_added: 2.7 version_added: 2.7
region: region:
@ -108,9 +115,9 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/beta/addresses)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/beta/addresses)'
- "Reserving a Static External IP Address: U(https://cloud.google.com/compute/docs/instances-and-network)" - 'Reserving a Static External IP Address: U(https://cloud.google.com/compute/docs/instances-and-network)'
- "Reserving a Static Internal IP Address: U(https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address)" - 'Reserving a Static Internal IP Address: U(https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -171,9 +178,10 @@ RETURN = '''
type: str type: str
subnetwork: subnetwork:
description: description:
- The URL of the subnetwork in which to reserve the address. If an IP address is specified, - The URL of the subnetwork in which to reserve the address. If an IP address is
it must be within the subnetwork's IP range. specified, it must be within the subnetwork's IP range.
- This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes. - This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER
purposes.
returned: success returned: success
type: dict type: dict
users: users:
@ -373,8 +381,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

38
plugins/modules/gcp_compute_address_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- URL of the region where the regional address resides. - URL of the region where the regional address resides.
@ -74,9 +73,9 @@ items:
contains: contains:
address: address:
description: description:
- The static external IP address represented by this resource. Only IPv4 is supported. - The static external IP address represented by this resource. Only IPv4 is
An address may only be specified for INTERNAL address types. The IP address must supported. An address may only be specified for INTERNAL address types. The
be inside the specified subnetwork, if any. IP address must be inside the specified subnetwork, if any.
returned: success returned: success
type: str type: str
addressType: addressType:
@ -102,25 +101,26 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. - Name of the resource. The name must be 1-63 characters long, and comply with
Specifically, the name must be 1-63 characters long and match the regular expression RFC1035. Specifically, the name must be 1-63 characters long and match the
`[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character
letter, and all following characters must be a dash, lowercase letter, or digit, must be a lowercase letter, and all following characters must be a dash, lowercase
except the last character, which cannot be a dash. letter, or digit, except the last character, which cannot be a dash.
returned: success returned: success
type: str type: str
networkTier: networkTier:
description: description:
- 'The networking tier used for configuring this address. This field can take the - 'The networking tier used for configuring this address. This field can take
following values: PREMIUM or STANDARD. If this field is not specified, it is assumed the following values: PREMIUM or STANDARD. If this field is not specified,
to be PREMIUM.' it is assumed to be PREMIUM.'
returned: success returned: success
type: str type: str
subnetwork: subnetwork:
description: description:
- The URL of the subnetwork in which to reserve the address. If an IP address is specified, - The URL of the subnetwork in which to reserve the address. If an IP address
it must be within the subnetwork's IP range. is specified, it must be within the subnetwork's IP range.
- This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes. - This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER
purposes.
returned: success returned: success
type: dict type: dict
users: users:
@ -155,7 +155,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

40
plugins/modules/gcp_compute_backend_bucket.py
View file

@ -48,16 +48,18 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
bucket_name: bucket_name:
description: description:
- Cloud Storage bucket name. - Cloud Storage bucket name.
required: true required: true
description: description:
description: description:
- An optional textual description of the resource; provided by the client when the - An optional textual description of the resource; provided by the client when
resource is created. the resource is created.
required: false required: false
enable_cdn: enable_cdn:
description: description:
@ -66,17 +68,17 @@ options:
type: bool type: bool
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/backendBuckets)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/backendBuckets)'
- "Using a Cloud Storage bucket as a load balancer backend: U(https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket)" - 'Using a Cloud Storage bucket as a load balancer backend: U(https://cloud.google.com/compute/docs/load-balancing/http/backend-bucket)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -130,12 +132,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
''' '''
@ -317,8 +319,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

25
plugins/modules/gcp_compute_backend_bucket_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -78,8 +77,8 @@ items:
type: str type: str
description: description:
description: description:
- An optional textual description of the resource; provided by the client when the - An optional textual description of the resource; provided by the client when
resource is created. the resource is created.
returned: success returned: success
type: str type: str
enableCdn: enableCdn:
@ -94,12 +93,12 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
''' '''
@ -122,7 +121,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

258
plugins/modules/gcp_compute_backend_service.py
View file

@ -45,13 +45,15 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
affinity_cookie_ttl_sec: affinity_cookie_ttl_sec:
description: description:
- Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to - Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set
0, the cookie is non-persistent and lasts only until the end of the browser session to 0, the cookie is non-persistent and lasts only until the end of the browser
(or equivalent). The maximum allowed value for TTL is one day. session (or equivalent). The maximum allowed value for TTL is one day.
- When the load balancing scheme is INTERNAL, this field is not used. - When the load balancing scheme is INTERNAL, this field is not used.
required: false required: false
backends: backends:
@ -62,18 +64,22 @@ options:
balancing_mode: balancing_mode:
description: description:
- Specifies the balancing mode for this backend. - Specifies the balancing mode for this backend.
- For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid - For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION.
values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
choices: ['UTILIZATION', 'RATE', 'CONNECTION'] choices:
- UTILIZATION
- RATE
- CONNECTION
capacity_scaler: capacity_scaler:
description: description:
- A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, - A multiplier applied to the group's maximum servicing capacity (based on
RATE or CONNECTION). UTILIZATION, RATE or CONNECTION).
- Default value is 1, which means the group will serve up to 100% of its configured - Default value is 1, which means the group will serve up to 100% of its configured
capacity (depending on balancingMode). A setting of 0 means the group is completely capacity (depending on balancingMode). A setting of 0 means the group is
drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. completely drained, offering 0% of its available Capacity. Valid range is
[0.0,1.0].
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
description: description:
@ -83,53 +89,56 @@ options:
required: false required: false
group: group:
description: description:
- This instance group defines the list of instances that serve traffic. Member virtual - This instance group defines the list of instances that serve traffic. Member
machine instances from each instance group must live in the same zone as the instance virtual machine instances from each instance group must live in the same
group itself. zone as the instance group itself.
- No two backends in a backend service are allowed to use same Instance Group resource. - No two backends in a backend service are allowed to use same Instance Group
- When the BackendService has load balancing scheme INTERNAL, the instance group must resource.
be in a zone within the same region as the BackendService. - When the BackendService has load balancing scheme INTERNAL, the instance
- 'This field represents a link to a InstanceGroup resource in GCP. It can be specified group must be in a zone within the same region as the BackendService.
in two ways. You can add `register: name-of-resource` to a gcp_compute_instance_group - 'This field represents a link to a InstanceGroup resource in GCP. It can
task and then set this group field to "{{ name-of-resource }}" Alternatively, you be specified in two ways. You can add `register: name-of-resource` to a
can set this group to a dictionary with the selfLink key where the value is the gcp_compute_instance_group task and then set this group field to "{{ name-of-resource
selfLink of your InstanceGroup.' }}" Alternatively, you can set this group to a dictionary with the selfLink
key where the value is the selfLink of your InstanceGroup'
required: false required: false
max_connections: max_connections:
description: description:
- The max number of simultaneous connections for the group. Can be used with either - The max number of simultaneous connections for the group. Can be used with
CONNECTION or UTILIZATION balancing modes. either CONNECTION or UTILIZATION balancing modes.
- For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be - For CONNECTION mode, either maxConnections or maxConnectionsPerInstance
set. must be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
max_connections_per_instance: max_connections_per_instance:
description: description:
- The max number of simultaneous connections that a single backend instance can handle. - The max number of simultaneous connections that a single backend instance
This is used to calculate the capacity of the group. Can be used in either CONNECTION can handle. This is used to calculate the capacity of the group. Can be
or UTILIZATION balancing modes. used in either CONNECTION or UTILIZATION balancing modes.
- For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be - For CONNECTION mode, either maxConnections or maxConnectionsPerInstance
set. must be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
max_rate: max_rate:
description: description:
- The max requests per second (RPS) of the group. - The max requests per second (RPS) of the group.
- Can be used with either RATE or UTILIZATION balancing modes, but required if RATE - Can be used with either RATE or UTILIZATION balancing modes, but required
mode. For RATE mode, either maxRate or maxRatePerInstance must be set. if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be
set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
max_rate_per_instance: max_rate_per_instance:
description: description:
- The max requests per second (RPS) that a single backend instance can handle. This - The max requests per second (RPS) that a single backend instance can handle.
is used to calculate the capacity of the group. Can be used in either balancing This is used to calculate the capacity of the group. Can be used in either
mode. For RATE mode, either maxRate or maxRatePerInstance must be set. balancing mode. For RATE mode, either maxRate or maxRatePerInstance must
be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
max_utilization: max_utilization:
description: description:
- Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target - Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization
for the group. The default is 0.8. Valid range is [0.0, 1.0]. target for the group. The default is 0.8. Valid range is [0.0, 1.0].
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
required: false required: false
cdn_policy: cdn_policy:
@ -154,23 +163,24 @@ options:
type: bool type: bool
include_query_string: include_query_string:
description: description:
- If true, include query string parameters in the cache key according to query_string_whitelist - If true, include query string parameters in the cache key according
and query_string_blacklist. If neither is set, the entire query string will be included. to query_string_whitelist and query_string_blacklist. If neither is
set, the entire query string will be included.
- If false, the query string will be excluded from the cache key entirely. - If false, the query string will be excluded from the cache key entirely.
required: false required: false
type: bool type: bool
query_string_blacklist: query_string_blacklist:
description: description:
- Names of query string parameters to exclude in cache keys. - Names of query string parameters to exclude in cache keys.
- All other parameters will be included. Either specify query_string_whitelist or - All other parameters will be included. Either specify query_string_whitelist
query_string_blacklist, not both. or query_string_blacklist, not both.
- "'&' and '=' will be percent encoded and not treated as delimiters." - "'&' and '=' will be percent encoded and not treated as delimiters."
required: false required: false
query_string_whitelist: query_string_whitelist:
description: description:
- Names of query string parameters to include in cache keys. - Names of query string parameters to include in cache keys.
- All other parameters will be excluded. Either specify query_string_whitelist or - All other parameters will be excluded. Either specify query_string_whitelist
query_string_blacklist, not both. or query_string_blacklist, not both.
- "'&' and '=' will be percent encoded and not treated as delimiters." - "'&' and '=' will be percent encoded and not treated as delimiters."
required: false required: false
connection_draining: connection_draining:
@ -180,8 +190,8 @@ options:
suboptions: suboptions:
draining_timeout_sec: draining_timeout_sec:
description: description:
- Time for which instance will be drained (not accept new connections, but still work - Time for which instance will be drained (not accept new connections, but
to finish started). still work to finish started).
required: false required: false
description: description:
description: description:
@ -198,7 +208,8 @@ options:
- The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health - The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health
checking this BackendService. Currently at most one health check can be specified, checking this BackendService. Currently at most one health check can be specified,
and a health check is required. and a health check is required.
- For internal load balancing, a URL to a HealthCheck resource must be specified instead. - For internal load balancing, a URL to a HealthCheck resource must be specified
instead.
required: false required: false
iap: iap:
description: description:
@ -225,20 +236,22 @@ options:
required: false required: false
load_balancing_scheme: load_balancing_scheme:
description: description:
- Indicates whether the backend service will be used with internal or external load - Indicates whether the backend service will be used with internal or external
balancing. A backend service created for one type of load balancing cannot be used load balancing. A backend service created for one type of load balancing cannot
with the other. be used with the other.
required: false required: false
version_added: 2.7 version_added: 2.7
choices: ['INTERNAL', 'EXTERNAL'] choices:
- INTERNAL
- EXTERNAL
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: false required: false
port_name: port_name:
description: description:
@ -253,7 +266,11 @@ options:
- For internal load balancing, the possible values are TCP and UDP, and the default - For internal load balancing, the possible values are TCP and UDP, and the default
is TCP. is TCP.
required: false required: false
choices: ['HTTP', 'HTTPS', 'TCP', 'SSL'] choices:
- HTTP
- HTTPS
- TCP
- SSL
region: region:
description: description:
- The region where the regional backend service resides. - The region where the regional backend service resides.
@ -267,13 +284,19 @@ options:
or CLIENT_IP_PORT_PROTO. or CLIENT_IP_PORT_PROTO.
- When the protocol is UDP, this field is not used. - When the protocol is UDP, this field is not used.
required: false required: false
choices: ['NONE', 'CLIENT_IP', 'GENERATED_COOKIE', 'CLIENT_IP_PROTO', 'CLIENT_IP_PORT_PROTO'] choices:
- NONE
- CLIENT_IP
- GENERATED_COOKIE
- CLIENT_IP_PROTO
- CLIENT_IP_PORT_PROTO
timeout_sec: timeout_sec:
description: description:
- How many seconds to wait for the backend before considering it a failed request. - How many seconds to wait for the backend before considering it a failed request.
Default is 30 seconds. Valid range is [1, 86400]. Default is 30 seconds. Valid range is [1, 86400].
required: false required: false
aliases: [timeout_seconds] aliases:
- timeout_seconds
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -318,9 +341,9 @@ EXAMPLES = '''
RETURN = ''' RETURN = '''
affinityCookieTtlSec: affinityCookieTtlSec:
description: description:
- Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to - Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set
0, the cookie is non-persistent and lasts only until the end of the browser session to 0, the cookie is non-persistent and lasts only until the end of the browser
(or equivalent). The maximum allowed value for TTL is one day. session (or equivalent). The maximum allowed value for TTL is one day.
- When the load balancing scheme is INTERNAL, this field is not used. - When the load balancing scheme is INTERNAL, this field is not used.
returned: success returned: success
type: int type: int
@ -333,8 +356,8 @@ RETURN = '''
balancingMode: balancingMode:
description: description:
- Specifies the balancing mode for this backend. - Specifies the balancing mode for this backend.
- For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid - For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION.
values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
@ -356,53 +379,56 @@ RETURN = '''
type: str type: str
group: group:
description: description:
- This instance group defines the list of instances that serve traffic. Member virtual - This instance group defines the list of instances that serve traffic. Member
machine instances from each instance group must live in the same zone as the instance virtual machine instances from each instance group must live in the same zone
group itself. as the instance group itself.
- No two backends in a backend service are allowed to use same Instance Group resource. - No two backends in a backend service are allowed to use same Instance Group
- When the BackendService has load balancing scheme INTERNAL, the instance group must resource.
be in a zone within the same region as the BackendService. - When the BackendService has load balancing scheme INTERNAL, the instance group
must be in a zone within the same region as the BackendService.
returned: success returned: success
type: dict type: dict
maxConnections: maxConnections:
description: description:
- The max number of simultaneous connections for the group. Can be used with either - The max number of simultaneous connections for the group. Can be used with
CONNECTION or UTILIZATION balancing modes. either CONNECTION or UTILIZATION balancing modes.
- For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be - For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must
set. be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: int type: int
maxConnectionsPerInstance: maxConnectionsPerInstance:
description: description:
- The max number of simultaneous connections that a single backend instance can handle. - The max number of simultaneous connections that a single backend instance
This is used to calculate the capacity of the group. Can be used in either CONNECTION can handle. This is used to calculate the capacity of the group. Can be used
or UTILIZATION balancing modes. in either CONNECTION or UTILIZATION balancing modes.
- For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be - For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must
set. be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: int type: int
maxRate: maxRate:
description: description:
- The max requests per second (RPS) of the group. - The max requests per second (RPS) of the group.
- Can be used with either RATE or UTILIZATION balancing modes, but required if RATE - Can be used with either RATE or UTILIZATION balancing modes, but required
mode. For RATE mode, either maxRate or maxRatePerInstance must be set. if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be
set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: int type: int
maxRatePerInstance: maxRatePerInstance:
description: description:
- The max requests per second (RPS) that a single backend instance can handle. This - The max requests per second (RPS) that a single backend instance can handle.
is used to calculate the capacity of the group. Can be used in either balancing This is used to calculate the capacity of the group. Can be used in either
mode. For RATE mode, either maxRate or maxRatePerInstance must be set. balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be
set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
maxUtilization: maxUtilization:
description: description:
- Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target - Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization
for the group. The default is 0.8. Valid range is [0.0, 1.0]. target for the group. The default is 0.8. Valid range is [0.0, 1.0].
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
@ -430,24 +456,25 @@ RETURN = '''
type: bool type: bool
includeQueryString: includeQueryString:
description: description:
- If true, include query string parameters in the cache key according to query_string_whitelist - If true, include query string parameters in the cache key according to
and query_string_blacklist. If neither is set, the entire query string will be included. query_string_whitelist and query_string_blacklist. If neither is set,
the entire query string will be included.
- If false, the query string will be excluded from the cache key entirely. - If false, the query string will be excluded from the cache key entirely.
returned: success returned: success
type: bool type: bool
queryStringBlacklist: queryStringBlacklist:
description: description:
- Names of query string parameters to exclude in cache keys. - Names of query string parameters to exclude in cache keys.
- All other parameters will be included. Either specify query_string_whitelist or - All other parameters will be included. Either specify query_string_whitelist
query_string_blacklist, not both. or query_string_blacklist, not both.
- "'&' and '=' will be percent encoded and not treated as delimiters." - "'&' and '=' will be percent encoded and not treated as delimiters."
returned: success returned: success
type: list type: list
queryStringWhitelist: queryStringWhitelist:
description: description:
- Names of query string parameters to include in cache keys. - Names of query string parameters to include in cache keys.
- All other parameters will be excluded. Either specify query_string_whitelist or - All other parameters will be excluded. Either specify query_string_whitelist
query_string_blacklist, not both. or query_string_blacklist, not both.
- "'&' and '=' will be percent encoded and not treated as delimiters." - "'&' and '=' will be percent encoded and not treated as delimiters."
returned: success returned: success
type: list type: list
@ -459,8 +486,8 @@ RETURN = '''
contains: contains:
drainingTimeoutSec: drainingTimeoutSec:
description: description:
- Time for which instance will be drained (not accept new connections, but still work - Time for which instance will be drained (not accept new connections, but still
to finish started). work to finish started).
returned: success returned: success
type: int type: int
creationTimestamp: creationTimestamp:
@ -484,7 +511,8 @@ RETURN = '''
- The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health - The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health
checking this BackendService. Currently at most one health check can be specified, checking this BackendService. Currently at most one health check can be specified,
and a health check is required. and a health check is required.
- For internal load balancing, a URL to a HealthCheck resource must be specified instead. - For internal load balancing, a URL to a HealthCheck resource must be specified
instead.
returned: success returned: success
type: list type: list
id: id:
@ -521,18 +549,18 @@ RETURN = '''
loadBalancingScheme: loadBalancingScheme:
description: description:
- Indicates whether the backend service will be used with internal or external load - Indicates whether the backend service will be used with internal or external load
balancing. A backend service created for one type of load balancing cannot be used balancing. A backend service created for one type of load balancing cannot be
with the other. used with the other.
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
portName: portName:
@ -687,8 +715,8 @@ def resource_to_request(module):
u'kind': 'compute#backendService', u'kind': 'compute#backendService',
u'affinityCookieTtlSec': module.params.get('affinity_cookie_ttl_sec'), u'affinityCookieTtlSec': module.params.get('affinity_cookie_ttl_sec'),
u'backends': BackendServiceBackendsArray(module.params.get('backends', []), module).to_request(), u'backends': BackendServiceBackendsArray(module.params.get('backends', []), module).to_request(),
u'cdnPolicy': BackendServiceCdnPolicy(module.params.get('cdn_policy', {}), module).to_request(), u'cdnPolicy': BackendServiceCdnpolicy(module.params.get('cdn_policy', {}), module).to_request(),
u'connectionDraining': BackendServiceConnectionDraining(module.params.get('connection_draining', {}), module).to_request(), u'connectionDraining': BackendServiceConnectiondraining(module.params.get('connection_draining', {}), module).to_request(),
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'enableCDN': module.params.get('enable_cdn'), u'enableCDN': module.params.get('enable_cdn'),
u'healthChecks': module.params.get('health_checks'), u'healthChecks': module.params.get('health_checks'),
@ -767,8 +795,8 @@ def response_to_hash(module, response):
return { return {
u'affinityCookieTtlSec': response.get(u'affinityCookieTtlSec'), u'affinityCookieTtlSec': response.get(u'affinityCookieTtlSec'),
u'backends': BackendServiceBackendsArray(response.get(u'backends', []), module).from_response(), u'backends': BackendServiceBackendsArray(response.get(u'backends', []), module).from_response(),
u'cdnPolicy': BackendServiceCdnPolicy(response.get(u'cdnPolicy', {}), module).from_response(), u'cdnPolicy': BackendServiceCdnpolicy(response.get(u'cdnPolicy', {}), module).from_response(),
u'connectionDraining': BackendServiceConnectionDraining(response.get(u'connectionDraining', {}), module).from_response(), u'connectionDraining': BackendServiceConnectiondraining(response.get(u'connectionDraining', {}), module).from_response(),
u'creationTimestamp': response.get(u'creationTimestamp'), u'creationTimestamp': response.get(u'creationTimestamp'),
u'description': response.get(u'description'), u'description': response.get(u'description'),
u'enableCDN': response.get(u'enableCDN'), u'enableCDN': response.get(u'enableCDN'),
@ -818,8 +846,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -878,7 +904,7 @@ class BackendServiceBackendsArray(object):
}) })
class BackendServiceCdnPolicy(object): class BackendServiceCdnpolicy(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -888,16 +914,16 @@ class BackendServiceCdnPolicy(object):
def to_request(self): def to_request(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'cacheKeyPolicy': BackendServiceCacheKeyPolicy(self.request.get('cache_key_policy', {}), self.module).to_request() u'cacheKeyPolicy': BackendServiceCachekeypolicy(self.request.get('cache_key_policy', {}), self.module).to_request()
}) })
def from_response(self): def from_response(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'cacheKeyPolicy': BackendServiceCacheKeyPolicy(self.request.get(u'cacheKeyPolicy', {}), self.module).from_response() u'cacheKeyPolicy': BackendServiceCachekeypolicy(self.request.get(u'cacheKeyPolicy', {}), self.module).from_response()
}) })
class BackendServiceCacheKeyPolicy(object): class BackendServiceCachekeypolicy(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -924,7 +950,7 @@ class BackendServiceCacheKeyPolicy(object):
}) })
class BackendServiceConnectionDraining(object): class BackendServiceConnectiondraining(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

120
plugins/modules/gcp_compute_backend_service_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -68,9 +67,10 @@ items:
contains: contains:
affinityCookieTtlSec: affinityCookieTtlSec:
description: description:
- Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to - Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If
0, the cookie is non-persistent and lasts only until the end of the browser session set to 0, the cookie is non-persistent and lasts only until the end of the
(or equivalent). The maximum allowed value for TTL is one day. browser session (or equivalent). The maximum allowed value for TTL is one
day.
- When the load balancing scheme is INTERNAL, this field is not used. - When the load balancing scheme is INTERNAL, this field is not used.
returned: success returned: success
type: int type: int
@ -83,18 +83,19 @@ items:
balancingMode: balancingMode:
description: description:
- Specifies the balancing mode for this backend. - Specifies the balancing mode for this backend.
- For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid - For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION.
values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
capacityScaler: capacityScaler:
description: description:
- A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, - A multiplier applied to the group's maximum servicing capacity (based
RATE or CONNECTION). on UTILIZATION, RATE or CONNECTION).
- Default value is 1, which means the group will serve up to 100% of its configured - Default value is 1, which means the group will serve up to 100% of its
capacity (depending on balancingMode). A setting of 0 means the group is completely configured capacity (depending on balancingMode). A setting of 0 means
drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. the group is completely drained, offering 0% of its available Capacity.
Valid range is [0.0,1.0].
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
@ -106,53 +107,56 @@ items:
type: str type: str
group: group:
description: description:
- This instance group defines the list of instances that serve traffic. Member virtual - This instance group defines the list of instances that serve traffic.
machine instances from each instance group must live in the same zone as the instance Member virtual machine instances from each instance group must live in
group itself. the same zone as the instance group itself.
- No two backends in a backend service are allowed to use same Instance Group resource. - No two backends in a backend service are allowed to use same Instance
- When the BackendService has load balancing scheme INTERNAL, the instance group must Group resource.
be in a zone within the same region as the BackendService. - When the BackendService has load balancing scheme INTERNAL, the instance
group must be in a zone within the same region as the BackendService.
returned: success returned: success
type: dict type: dict
maxConnections: maxConnections:
description: description:
- The max number of simultaneous connections for the group. Can be used with either - The max number of simultaneous connections for the group. Can be used
CONNECTION or UTILIZATION balancing modes. with either CONNECTION or UTILIZATION balancing modes.
- For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be - For CONNECTION mode, either maxConnections or maxConnectionsPerInstance
set. must be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: int type: int
maxConnectionsPerInstance: maxConnectionsPerInstance:
description: description:
- The max number of simultaneous connections that a single backend instance can handle. - The max number of simultaneous connections that a single backend instance
This is used to calculate the capacity of the group. Can be used in either CONNECTION can handle. This is used to calculate the capacity of the group. Can be
or UTILIZATION balancing modes. used in either CONNECTION or UTILIZATION balancing modes.
- For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be - For CONNECTION mode, either maxConnections or maxConnectionsPerInstance
set. must be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: int type: int
maxRate: maxRate:
description: description:
- The max requests per second (RPS) of the group. - The max requests per second (RPS) of the group.
- Can be used with either RATE or UTILIZATION balancing modes, but required if RATE - Can be used with either RATE or UTILIZATION balancing modes, but required
mode. For RATE mode, either maxRate or maxRatePerInstance must be set. if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must
be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: int type: int
maxRatePerInstance: maxRatePerInstance:
description: description:
- The max requests per second (RPS) that a single backend instance can handle. This - The max requests per second (RPS) that a single backend instance can handle.
is used to calculate the capacity of the group. Can be used in either balancing This is used to calculate the capacity of the group. Can be used in either
mode. For RATE mode, either maxRate or maxRatePerInstance must be set. balancing mode. For RATE mode, either maxRate or maxRatePerInstance must
be set.
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
maxUtilization: maxUtilization:
description: description:
- Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target - Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization
for the group. The default is 0.8. Valid range is [0.0, 1.0]. target for the group. The default is 0.8. Valid range is [0.0, 1.0].
- This cannot be used for internal load balancing. - This cannot be used for internal load balancing.
returned: success returned: success
type: str type: str
@ -180,24 +184,25 @@ items:
type: bool type: bool
includeQueryString: includeQueryString:
description: description:
- If true, include query string parameters in the cache key according to query_string_whitelist - If true, include query string parameters in the cache key according
and query_string_blacklist. If neither is set, the entire query string will be included. to query_string_whitelist and query_string_blacklist. If neither is
set, the entire query string will be included.
- If false, the query string will be excluded from the cache key entirely. - If false, the query string will be excluded from the cache key entirely.
returned: success returned: success
type: bool type: bool
queryStringBlacklist: queryStringBlacklist:
description: description:
- Names of query string parameters to exclude in cache keys. - Names of query string parameters to exclude in cache keys.
- All other parameters will be included. Either specify query_string_whitelist or - All other parameters will be included. Either specify query_string_whitelist
query_string_blacklist, not both. or query_string_blacklist, not both.
- "'&' and '=' will be percent encoded and not treated as delimiters." - "'&' and '=' will be percent encoded and not treated as delimiters."
returned: success returned: success
type: list type: list
queryStringWhitelist: queryStringWhitelist:
description: description:
- Names of query string parameters to include in cache keys. - Names of query string parameters to include in cache keys.
- All other parameters will be excluded. Either specify query_string_whitelist or - All other parameters will be excluded. Either specify query_string_whitelist
query_string_blacklist, not both. or query_string_blacklist, not both.
- "'&' and '=' will be percent encoded and not treated as delimiters." - "'&' and '=' will be percent encoded and not treated as delimiters."
returned: success returned: success
type: list type: list
@ -209,8 +214,8 @@ items:
contains: contains:
drainingTimeoutSec: drainingTimeoutSec:
description: description:
- Time for which instance will be drained (not accept new connections, but still work - Time for which instance will be drained (not accept new connections, but
to finish started). still work to finish started).
returned: success returned: success
type: int type: int
creationTimestamp: creationTimestamp:
@ -234,7 +239,8 @@ items:
- The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health - The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health
checking this BackendService. Currently at most one health check can be specified, checking this BackendService. Currently at most one health check can be specified,
and a health check is required. and a health check is required.
- For internal load balancing, a URL to a HealthCheck resource must be specified instead. - For internal load balancing, a URL to a HealthCheck resource must be specified
instead.
returned: success returned: success
type: list type: list
id: id:
@ -270,19 +276,19 @@ items:
type: str type: str
loadBalancingScheme: loadBalancingScheme:
description: description:
- Indicates whether the backend service will be used with internal or external load - Indicates whether the backend service will be used with internal or external
balancing. A backend service created for one type of load balancing cannot be used load balancing. A backend service created for one type of load balancing cannot
with the other. be used with the other.
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
portName: portName:
@ -296,8 +302,8 @@ items:
description: description:
- The protocol this BackendService uses to communicate with backends. - The protocol this BackendService uses to communicate with backends.
- Possible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP. - Possible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.
- For internal load balancing, the possible values are TCP and UDP, and the default - For internal load balancing, the possible values are TCP and UDP, and the
is TCP. default is TCP.
returned: success returned: success
type: str type: str
region: region:
@ -341,7 +347,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

224
plugins/modules/gcp_compute_disk.py
View file

@ -54,8 +54,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -72,39 +74,40 @@ options:
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
size_gb: size_gb:
description: description:
- Size of the persistent disk, specified in GB. You can specify this field when creating - Size of the persistent disk, specified in GB. You can specify this field when
a persistent disk using the sourceImage or sourceSnapshot parameter, or specify creating a persistent disk using the sourceImage or sourceSnapshot parameter,
it alone to create an empty persistent disk. or specify it alone to create an empty persistent disk.
- If you specify this field along with sourceImage or sourceSnapshot, the value of - If you specify this field along with sourceImage or sourceSnapshot, the value
sizeGb must not be less than the size of the sourceImage or the size of the snapshot. of sizeGb must not be less than the size of the sourceImage or the size of the
snapshot.
required: false required: false
type: type:
description: description:
- URL of the disk type resource describing which disk type to use to create the disk. - URL of the disk type resource describing which disk type to use to create the
Provide this when creating the disk. disk. Provide this when creating the disk.
required: false required: false
version_added: 2.7 version_added: 2.7
source_image: source_image:
description: description:
- The source image used to create this disk. If the source image is deleted, this - The source image used to create this disk. If the source image is deleted, this
field will not be set. field will not be set.
- 'To create a disk with one of the public operating system images, specify the image - 'To create a disk with one of the public operating system images, specify the
by its family name. For example, specify family/debian-8 to use the latest Debian image by its family name. For example, specify family/debian-8 to use the latest
8 image: projects/debian-cloud/global/images/family/debian-8 Alternatively, use Debian 8 image: projects/debian-cloud/global/images/family/debian-8 Alternatively,
a specific version of a public operating system image: projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD To use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
create a disk with a private image that you created, specify the image name in the To create a disk with a private image that you created, specify the image name
following format: global/images/my-private-image You can also specify a private in the following format: global/images/my-private-image You can also specify
image by its image family, which returns the latest version of the image in that a private image by its image family, which returns the latest version of the
family. Replace the image name with family/family-name: global/images/family/my-private-family image in that family. Replace the image name with family/family-name: global/images/family/my-private-family
.' .'
required: false required: false
zone: zone:
@ -119,68 +122,66 @@ options:
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
disk_encryption_key: disk_encryption_key:
description: description:
- Encrypts the disk using a customer-supplied encryption key. - Encrypts the disk using a customer-supplied encryption key.
- After you encrypt a disk with a customer-supplied key, you must provide the same - After you encrypt a disk with a customer-supplied key, you must provide the
key if you use the disk later (e.g. to create a disk snapshot or an image, or to same key if you use the disk later (e.g. to create a disk snapshot or an image,
attach the disk to a virtual machine). or to attach the disk to a virtual machine).
- Customer-supplied encryption keys do not protect access to metadata of the disk. - Customer-supplied encryption keys do not protect access to metadata of the disk.
- If you do not provide an encryption key when creating the disk, then the disk will - If you do not provide an encryption key when creating the disk, then the disk
be encrypted using an automatically generated key and you do not need to provide will be encrypted using an automatically generated key and you do not need to
a key to use the disk later. provide a key to use the disk later.
required: false required: false
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
source_snapshot: source_snapshot:
description: description:
- 'The source snapshot used to create this disk. You can provide this as a partial or - The source snapshot used to create this disk. You can provide this as a partial
full URL to the resource. For example, the following are valid values: * or full URL to the resource.
`U(https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot`)
* `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` .'
- 'This field represents a link to a Snapshot resource in GCP. It can be specified - 'This field represents a link to a Snapshot resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_snapshot in two ways. You can add `register: name-of-resource` to a gcp_compute_snapshot
task and then set this source_snapshot field to "{{ name-of-resource }}" Alternatively, task and then set this source_snapshot field to "{{ name-of-resource }}" Alternatively,
you can set this source_snapshot to a dictionary with the selfLink key where the you can set this source_snapshot to a dictionary with the selfLink key where
value is the selfLink of your Snapshot.' the value is the selfLink of your Snapshot'
required: false required: false
source_snapshot_encryption_key: source_snapshot_encryption_key:
description: description:
- The customer-supplied encryption key of the source snapshot. Required if the source - The customer-supplied encryption key of the source snapshot. Required if the
snapshot is protected by a customer-supplied encryption key. source snapshot is protected by a customer-supplied encryption key.
required: false required: false
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/disks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/disks)'
- "Adding a persistent disk: U(https://cloud.google.com/compute/docs/disks/add-persistent-disk)" - 'Adding a persistent disk: U(https://cloud.google.com/compute/docs/disks/add-persistent-disk)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -200,8 +201,8 @@ EXAMPLES = '''
RETURN = ''' RETURN = '''
labelFingerprint: labelFingerprint:
description: description:
- The fingerprint used for optimistic locking of this resource. Used internally during - The fingerprint used for optimistic locking of this resource. Used internally
updates. during updates.
returned: success returned: success
type: str type: str
creationTimestamp: creationTimestamp:
@ -242,21 +243,22 @@ RETURN = '''
type: list type: list
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
sizeGb: sizeGb:
description: description:
- Size of the persistent disk, specified in GB. You can specify this field when creating - Size of the persistent disk, specified in GB. You can specify this field when
a persistent disk using the sourceImage or sourceSnapshot parameter, or specify creating a persistent disk using the sourceImage or sourceSnapshot parameter,
it alone to create an empty persistent disk. or specify it alone to create an empty persistent disk.
- If you specify this field along with sourceImage or sourceSnapshot, the value of - If you specify this field along with sourceImage or sourceSnapshot, the value
sizeGb must not be less than the size of the sourceImage or the size of the snapshot. of sizeGb must not be less than the size of the sourceImage or the size of the
snapshot.
returned: success returned: success
type: int type: int
users: users:
@ -267,22 +269,22 @@ RETURN = '''
type: list type: list
type: type:
description: description:
- URL of the disk type resource describing which disk type to use to create the disk. - URL of the disk type resource describing which disk type to use to create the
Provide this when creating the disk. disk. Provide this when creating the disk.
returned: success returned: success
type: str type: str
sourceImage: sourceImage:
description: description:
- The source image used to create this disk. If the source image is deleted, this - The source image used to create this disk. If the source image is deleted, this
field will not be set. field will not be set.
- 'To create a disk with one of the public operating system images, specify the image - 'To create a disk with one of the public operating system images, specify the
by its family name. For example, specify family/debian-8 to use the latest Debian image by its family name. For example, specify family/debian-8 to use the latest
8 image: projects/debian-cloud/global/images/family/debian-8 Alternatively, use Debian 8 image: projects/debian-cloud/global/images/family/debian-8 Alternatively,
a specific version of a public operating system image: projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD To use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
create a disk with a private image that you created, specify the image name in the To create a disk with a private image that you created, specify the image name
following format: global/images/my-private-image You can also specify a private in the following format: global/images/my-private-image You can also specify a
image by its image family, which returns the latest version of the image in that private image by its image family, which returns the latest version of the image
family. Replace the image name with family/family-name: global/images/family/my-private-family in that family. Replace the image name with family/family-name: global/images/family/my-private-family
.' .'
returned: success returned: success
type: str type: str
@ -300,56 +302,54 @@ RETURN = '''
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceImageId: sourceImageId:
description: description:
- The ID value of the image used to create this disk. This value identifies the exact - The ID value of the image used to create this disk. This value identifies the
image that was used to create this persistent disk. For example, if you created exact image that was used to create this persistent disk. For example, if you
the persistent disk from an image that was later deleted and recreated under the created the persistent disk from an image that was later deleted and recreated
same name, the source image ID would identify the exact version of the image that under the same name, the source image ID would identify the exact version of the
was used. image that was used.
returned: success returned: success
type: str type: str
diskEncryptionKey: diskEncryptionKey:
description: description:
- Encrypts the disk using a customer-supplied encryption key. - Encrypts the disk using a customer-supplied encryption key.
- After you encrypt a disk with a customer-supplied key, you must provide the same - After you encrypt a disk with a customer-supplied key, you must provide the same
key if you use the disk later (e.g. to create a disk snapshot or an image, or to key if you use the disk later (e.g. to create a disk snapshot or an image, or
attach the disk to a virtual machine). to attach the disk to a virtual machine).
- Customer-supplied encryption keys do not protect access to metadata of the disk. - Customer-supplied encryption keys do not protect access to metadata of the disk.
- If you do not provide an encryption key when creating the disk, then the disk will - If you do not provide an encryption key when creating the disk, then the disk
be encrypted using an automatically generated key and you do not need to provide will be encrypted using an automatically generated key and you do not need to
a key to use the disk later. provide a key to use the disk later.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshot: sourceSnapshot:
description: description:
- 'The source snapshot used to create this disk. You can provide this as a partial or - The source snapshot used to create this disk. You can provide this as a partial
full URL to the resource. For example, the following are valid values: * or full URL to the resource.
`U(https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot`)
* `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` .'
returned: success returned: success
type: dict type: dict
sourceSnapshotEncryptionKey: sourceSnapshotEncryptionKey:
@ -361,23 +361,23 @@ RETURN = '''
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshotId: sourceSnapshotId:
description: description:
- The unique ID of the snapshot used to create this disk. This value identifies the - The unique ID of the snapshot used to create this disk. This value identifies
exact snapshot that was used to create this persistent disk. For example, if you the exact snapshot that was used to create this persistent disk. For example,
created the persistent disk from a snapshot that was later deleted and recreated if you created the persistent disk from a snapshot that was later deleted and
under the same name, the source snapshot ID would identify the exact version of recreated under the same name, the source snapshot ID would identify the exact
the snapshot that was used. version of the snapshot that was used.
returned: success returned: success
type: str type: str
''' '''
@ -510,9 +510,9 @@ def delete(module, link, kind):
def resource_to_request(module): def resource_to_request(module):
request = { request = {
u'kind': 'compute#disk', u'kind': 'compute#disk',
u'sourceImageEncryptionKey': DiskSourceImageEncryptionKey(module.params.get('source_image_encryption_key', {}), module).to_request(), u'sourceImageEncryptionKey': DiskSourceimageencryptionkey(module.params.get('source_image_encryption_key', {}), module).to_request(),
u'diskEncryptionKey': DiskDiskEncryptionKey(module.params.get('disk_encryption_key', {}), module).to_request(), u'diskEncryptionKey': DiskDiskencryptionkey(module.params.get('disk_encryption_key', {}), module).to_request(),
u'sourceSnapshotEncryptionKey': DiskSourceSnapshotEncryptionKey(module.params.get('source_snapshot_encryption_key', {}), module).to_request(), u'sourceSnapshotEncryptionKey': DiskSourcesnapshotencryptionkey(module.params.get('source_snapshot_encryption_key', {}), module).to_request(),
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'labels': module.params.get('labels'), u'labels': module.params.get('labels'),
u'licenses': module.params.get('licenses'), u'licenses': module.params.get('licenses'),
@ -634,8 +634,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -647,7 +645,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class DiskSourceImageEncryptionKey(object): class DiskSourceimageencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -668,7 +666,7 @@ class DiskSourceImageEncryptionKey(object):
}) })
class DiskDiskEncryptionKey(object): class DiskDiskencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -689,7 +687,7 @@ class DiskDiskEncryptionKey(object):
}) })
class DiskSourceSnapshotEncryptionKey(object): class DiskSourcesnapshotencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

132
plugins/modules/gcp_compute_disk_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
zone: zone:
description: description:
- A reference to the zone where the disk resides. - A reference to the zone where the disk resides.
@ -73,8 +72,8 @@ items:
contains: contains:
labelFingerprint: labelFingerprint:
description: description:
- The fingerprint used for optimistic locking of this resource. Used internally during - The fingerprint used for optimistic locking of this resource. Used internally
updates. during updates.
returned: success returned: success
type: str type: str
creationTimestamp: creationTimestamp:
@ -115,21 +114,22 @@ items:
type: list type: list
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
sizeGb: sizeGb:
description: description:
- Size of the persistent disk, specified in GB. You can specify this field when creating - Size of the persistent disk, specified in GB. You can specify this field when
a persistent disk using the sourceImage or sourceSnapshot parameter, or specify creating a persistent disk using the sourceImage or sourceSnapshot parameter,
it alone to create an empty persistent disk. or specify it alone to create an empty persistent disk.
- If you specify this field along with sourceImage or sourceSnapshot, the value of - If you specify this field along with sourceImage or sourceSnapshot, the value
sizeGb must not be less than the size of the sourceImage or the size of the snapshot. of sizeGb must not be less than the size of the sourceImage or the size of
the snapshot.
returned: success returned: success
type: int type: int
users: users:
@ -140,22 +140,23 @@ items:
type: list type: list
type: type:
description: description:
- URL of the disk type resource describing which disk type to use to create the disk. - URL of the disk type resource describing which disk type to use to create
Provide this when creating the disk. the disk. Provide this when creating the disk.
returned: success returned: success
type: str type: str
sourceImage: sourceImage:
description: description:
- The source image used to create this disk. If the source image is deleted, this - The source image used to create this disk. If the source image is deleted,
field will not be set. this field will not be set.
- 'To create a disk with one of the public operating system images, specify the image - 'To create a disk with one of the public operating system images, specify
by its family name. For example, specify family/debian-8 to use the latest Debian the image by its family name. For example, specify family/debian-8 to use
8 image: projects/debian-cloud/global/images/family/debian-8 Alternatively, use the latest Debian 8 image: projects/debian-cloud/global/images/family/debian-8
a specific version of a public operating system image: projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD To Alternatively, use a specific version of a public operating system image:
create a disk with a private image that you created, specify the image name in the projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD To create a
disk with a private image that you created, specify the image name in the
following format: global/images/my-private-image You can also specify a private following format: global/images/my-private-image You can also specify a private
image by its image family, which returns the latest version of the image in that image by its image family, which returns the latest version of the image in
family. Replace the image name with family/family-name: global/images/family/my-private-family that family. Replace the image name with family/family-name: global/images/family/my-private-family
.' .'
returned: success returned: success
type: str type: str
@ -166,91 +167,90 @@ items:
type: str type: str
sourceImageEncryptionKey: sourceImageEncryptionKey:
description: description:
- The customer-supplied encryption key of the source image. Required if the source - The customer-supplied encryption key of the source image. Required if the
image is protected by a customer-supplied encryption key. source image is protected by a customer-supplied encryption key.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceImageId: sourceImageId:
description: description:
- The ID value of the image used to create this disk. This value identifies the exact - The ID value of the image used to create this disk. This value identifies
image that was used to create this persistent disk. For example, if you created the exact image that was used to create this persistent disk. For example,
the persistent disk from an image that was later deleted and recreated under the if you created the persistent disk from an image that was later deleted and
same name, the source image ID would identify the exact version of the image that recreated under the same name, the source image ID would identify the exact
was used. version of the image that was used.
returned: success returned: success
type: str type: str
diskEncryptionKey: diskEncryptionKey:
description: description:
- Encrypts the disk using a customer-supplied encryption key. - Encrypts the disk using a customer-supplied encryption key.
- After you encrypt a disk with a customer-supplied key, you must provide the same - After you encrypt a disk with a customer-supplied key, you must provide the
key if you use the disk later (e.g. to create a disk snapshot or an image, or to same key if you use the disk later (e.g. to create a disk snapshot or an image,
attach the disk to a virtual machine). or to attach the disk to a virtual machine).
- Customer-supplied encryption keys do not protect access to metadata of the disk. - Customer-supplied encryption keys do not protect access to metadata of the
- If you do not provide an encryption key when creating the disk, then the disk will disk.
be encrypted using an automatically generated key and you do not need to provide - If you do not provide an encryption key when creating the disk, then the disk
a key to use the disk later. will be encrypted using an automatically generated key and you do not need
to provide a key to use the disk later.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshot: sourceSnapshot:
description: description:
- 'The source snapshot used to create this disk. You can provide this as a partial - The source snapshot used to create this disk. You can provide this as a partial
or full URL to the resource. For example, the following are valid values: * or full URL to the resource.
`U(https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot`)
* `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` .'
returned: success returned: success
type: dict type: dict
sourceSnapshotEncryptionKey: sourceSnapshotEncryptionKey:
description: description:
- The customer-supplied encryption key of the source snapshot. Required if the source - The customer-supplied encryption key of the source snapshot. Required if the
snapshot is protected by a customer-supplied encryption key. source snapshot is protected by a customer-supplied encryption key.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshotId: sourceSnapshotId:
description: description:
- The unique ID of the snapshot used to create this disk. This value identifies the - The unique ID of the snapshot used to create this disk. This value identifies
exact snapshot that was used to create this persistent disk. For example, if you the exact snapshot that was used to create this persistent disk. For example,
created the persistent disk from a snapshot that was later deleted and recreated if you created the persistent disk from a snapshot that was later deleted
under the same name, the source snapshot ID would identify the exact version of and recreated under the same name, the source snapshot ID would identify the
the snapshot that was used. exact version of the snapshot that was used.
returned: success returned: success
type: str type: str
''' '''
@ -274,7 +274,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

254
plugins/modules/gcp_compute_firewall.py
View file

@ -51,8 +51,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
allowed: allowed:
description: description:
- The list of ALLOW rules specified by this firewall. Each rule specifies a protocol - The list of ALLOW rules specified by this firewall. Each rule specifies a protocol
@ -61,15 +63,17 @@ options:
suboptions: suboptions:
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. The protocol type is required when creating - The IP protocol to which this rule applies. The protocol type is required
a firewall rule. This value can either be one of the following well known protocol when creating a firewall rule. This value can either be one of the following
strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol number. well known protocol strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol
number.
required: true required: true
ports: ports:
description: description:
- An optional list of ports to which this rule applies. This field is only applicable - An optional list of ports to which this rule applies. This field is only
for UDP or TCP protocol. Each entry must be either an integer or a range. If not applicable for UDP or TCP protocol. Each entry must be either an integer
specified, this rule applies to connections through any port. or a range. If not specified, this rule applies to connections through any
port.
- 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].' - 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].'
required: false required: false
denied: denied:
@ -81,15 +85,17 @@ options:
suboptions: suboptions:
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. The protocol type is required when creating - The IP protocol to which this rule applies. The protocol type is required
a firewall rule. This value can either be one of the following well known protocol when creating a firewall rule. This value can either be one of the following
strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol number. well known protocol strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol
number.
required: true required: true
ports: ports:
description: description:
- An optional list of ports to which this rule applies. This field is only applicable - An optional list of ports to which this rule applies. This field is only
for UDP or TCP protocol. Each entry must be either an integer or a range. If not applicable for UDP or TCP protocol. Each entry must be either an integer
specified, this rule applies to connections through any port. or a range. If not specified, this rule applies to connections through any
port.
- 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].' - 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].'
required: false required: false
description: description:
@ -99,9 +105,9 @@ options:
required: false required: false
destination_ranges: destination_ranges:
description: description:
- If destination ranges are specified, the firewall will apply only to traffic that - If destination ranges are specified, the firewall will apply only to traffic
has destination IP address in these ranges. These ranges must be expressed in CIDR that has destination IP address in these ranges. These ranges must be expressed
format. Only IPv4 is supported. in CIDR format. Only IPv4 is supported.
required: false required: false
version_added: 2.8 version_added: 2.8
direction: direction:
@ -111,103 +117,105 @@ options:
traffic, it is NOT supported to specify sourceRanges OR sourceTags.' traffic, it is NOT supported to specify sourceRanges OR sourceTags.'
required: false required: false
version_added: 2.8 version_added: 2.8
choices: ['INGRESS', 'EGRESS'] choices:
- INGRESS
- EGRESS
disabled: disabled:
description: description:
- Denotes whether the firewall rule is disabled, i.e not applied to the network it - Denotes whether the firewall rule is disabled, i.e not applied to the network
is associated with. When set to true, the firewall rule is not enforced and the it is associated with. When set to true, the firewall rule is not enforced and
network behaves as if it did not exist. If this is unspecified, the firewall rule the network behaves as if it did not exist. If this is unspecified, the firewall
will be enabled. rule will be enabled.
required: false required: false
type: bool type: bool
version_added: 2.8 version_added: 2.8
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
network: network:
description: description:
- 'URL of the network resource for this firewall rule. If not specified when creating - 'URL of the network resource for this firewall rule. If not specified when creating
a firewall rule, the default network is used: global/networks/default If you choose to a firewall rule, the default network is used: global/networks/default If you
specify this property, you can specify the network as a full or partial URL. For choose to specify this property, you can specify the network as a full or partial
example, the following are all valid URLs: URL. For example, the following are all valid URLs: U(https://www.googleapis.com/compute/v1/projects/myproject/global/)
U(https://www.googleapis.com/compute/v1/projects/myproject/global/) networks/my-network projects/myproject/global/networks/my-network global/networks/default
networks/my-network projects/myproject/global/networks/my-network .'
global/networks/default .'
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: true required: true
priority: priority:
description: description:
- Priority for this rule. This is an integer between 0 and 65535, both inclusive. - Priority for this rule. This is an integer between 0 and 65535, both inclusive.
When not specified, the value assumed is 1000. Relative priorities determine precedence When not specified, the value assumed is 1000. Relative priorities determine
of conflicting rules. Lower value of priority implies higher precedence (eg, a rule precedence of conflicting rules. Lower value of priority implies higher precedence
with priority 0 has higher precedence than a rule with priority 1). DENY rules take (eg, a rule with priority 0 has higher precedence than a rule with priority
precedence over ALLOW rules having equal priority. 1). DENY rules take precedence over ALLOW rules having equal priority.
required: false required: false
default: 1000 default: '1000'
version_added: 2.8 version_added: 2.8
source_ranges: source_ranges:
description: description:
- If source ranges are specified, the firewall will apply only to traffic that has - If source ranges are specified, the firewall will apply only to traffic that
source IP address in these ranges. These ranges must be expressed in CIDR format. has source IP address in these ranges. These ranges must be expressed in CIDR
One or both of sourceRanges and sourceTags may be set. If both properties are set, format. One or both of sourceRanges and sourceTags may be set. If both properties
the firewall will apply to traffic that has source IP address within sourceRanges are set, the firewall will apply to traffic that has source IP address within
OR the source IP that belongs to a tag listed in the sourceTags property. The connection sourceRanges OR the source IP that belongs to a tag listed in the sourceTags
does not need to match both properties for the firewall to apply. Only IPv4 is supported. property. The connection does not need to match both properties for the firewall
to apply. Only IPv4 is supported.
required: false required: false
source_service_accounts: source_service_accounts:
description: description:
- If source service accounts are specified, the firewall will apply only to traffic - If source service accounts are specified, the firewall will apply only to traffic
originating from an instance with a service account in this list. Source service originating from an instance with a service account in this list. Source service
accounts cannot be used to control traffic to an instance's external IP address accounts cannot be used to control traffic to an instance's external IP address
because service accounts are associated with an instance, not an IP address. sourceRanges because service accounts are associated with an instance, not an IP address.
can be set at the same time as sourceServiceAccounts. If both are set, the firewall sourceRanges can be set at the same time as sourceServiceAccounts. If both are
will apply to traffic that has source IP address within sourceRanges OR the source set, the firewall will apply to traffic that has source IP address within sourceRanges
IP belongs to an instance with service account listed in sourceServiceAccount. The OR the source IP belongs to an instance with service account listed in sourceServiceAccount.
connection does not need to match both properties for the firewall to apply. sourceServiceAccounts The connection does not need to match both properties for the firewall to apply.
cannot be used at the same time as sourceTags or targetTags. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
required: false required: false
version_added: 2.8 version_added: 2.8
source_tags: source_tags:
description: description:
- If source tags are specified, the firewall will apply only to traffic with source - If source tags are specified, the firewall will apply only to traffic with source
IP that belongs to a tag listed in source tags. Source tags cannot be used to control IP that belongs to a tag listed in source tags. Source tags cannot be used to
traffic to an instance's external IP address. Because tags are associated with an control traffic to an instance's external IP address. Because tags are associated
instance, not an IP address. One or both of sourceRanges and sourceTags may be set. with an instance, not an IP address. One or both of sourceRanges and sourceTags
If both properties are set, the firewall will apply to traffic that has source IP may be set. If both properties are set, the firewall will apply to traffic that
address within sourceRanges OR the source IP that belongs to a tag listed in the has source IP address within sourceRanges OR the source IP that belongs to a
sourceTags property. The connection does not need to match both properties for the tag listed in the sourceTags property. The connection does not need to match
firewall to apply. both properties for the firewall to apply.
required: false required: false
target_service_accounts: target_service_accounts:
description: description:
- A list of service accounts indicating sets of instances located in the network that - A list of service accounts indicating sets of instances located in the network
may make network connections as specified in allowed[]. that may make network connections as specified in allowed[].
- targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. - targetServiceAccounts cannot be used at the same time as targetTags or sourceTags.
If neither targetServiceAccounts nor targetTags are specified, the firewall rule If neither targetServiceAccounts nor targetTags are specified, the firewall
applies to all instances on the specified network. rule applies to all instances on the specified network.
required: false required: false
version_added: 2.8 version_added: 2.8
target_tags: target_tags:
description: description:
- A list of instance tags indicating sets of instances located in the network that - A list of instance tags indicating sets of instances located in the network
may make network connections as specified in allowed[]. that may make network connections as specified in allowed[].
- If no targetTags are specified, the firewall rule applies to all instances on the - If no targetTags are specified, the firewall rule applies to all instances on
specified network. the specified network.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/firewalls)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/firewalls)'
- "Official Documentation: U(https://cloud.google.com/vpc/docs/firewalls)" - 'Official Documentation: U(https://cloud.google.com/vpc/docs/firewalls)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -239,16 +247,17 @@ RETURN = '''
contains: contains:
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. The protocol type is required when creating - The IP protocol to which this rule applies. The protocol type is required
a firewall rule. This value can either be one of the following well known protocol when creating a firewall rule. This value can either be one of the following
strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol number. well known protocol strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol
number.
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- An optional list of ports to which this rule applies. This field is only applicable - An optional list of ports to which this rule applies. This field is only applicable
for UDP or TCP protocol. Each entry must be either an integer or a range. If not for UDP or TCP protocol. Each entry must be either an integer or a range.
specified, this rule applies to connections through any port. If not specified, this rule applies to connections through any port.
- 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].' - 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].'
returned: success returned: success
type: list type: list
@ -266,16 +275,17 @@ RETURN = '''
contains: contains:
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. The protocol type is required when creating - The IP protocol to which this rule applies. The protocol type is required
a firewall rule. This value can either be one of the following well known protocol when creating a firewall rule. This value can either be one of the following
strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol number. well known protocol strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol
number.
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- An optional list of ports to which this rule applies. This field is only applicable - An optional list of ports to which this rule applies. This field is only applicable
for UDP or TCP protocol. Each entry must be either an integer or a range. If not for UDP or TCP protocol. Each entry must be either an integer or a range.
specified, this rule applies to connections through any port. If not specified, this rule applies to connections through any port.
- 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].' - 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].'
returned: success returned: success
type: list type: list
@ -288,8 +298,8 @@ RETURN = '''
destinationRanges: destinationRanges:
description: description:
- If destination ranges are specified, the firewall will apply only to traffic that - If destination ranges are specified, the firewall will apply only to traffic that
has destination IP address in these ranges. These ranges must be expressed in CIDR has destination IP address in these ranges. These ranges must be expressed in
format. Only IPv4 is supported. CIDR format. Only IPv4 is supported.
returned: success returned: success
type: list type: list
direction: direction:
@ -301,10 +311,10 @@ RETURN = '''
type: str type: str
disabled: disabled:
description: description:
- Denotes whether the firewall rule is disabled, i.e not applied to the network it - Denotes whether the firewall rule is disabled, i.e not applied to the network
is associated with. When set to true, the firewall rule is not enforced and the it is associated with. When set to true, the firewall rule is not enforced and
network behaves as if it did not exist. If this is unspecified, the firewall rule the network behaves as if it did not exist. If this is unspecified, the firewall
will be enabled. rule will be enabled.
returned: success returned: success
type: bool type: bool
id: id:
@ -314,42 +324,42 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
description: description:
- 'URL of the network resource for this firewall rule. If not specified when creating - 'URL of the network resource for this firewall rule. If not specified when creating
a firewall rule, the default network is used: global/networks/default If you choose to a firewall rule, the default network is used: global/networks/default If you choose
specify this property, you can specify the network as a full or partial URL. For to specify this property, you can specify the network as a full or partial URL.
example, the following are all valid URLs: For example, the following are all valid URLs: U(https://www.googleapis.com/compute/v1/projects/myproject/global/)
U(https://www.googleapis.com/compute/v1/projects/myproject/global/) networks/my-network projects/myproject/global/networks/my-network global/networks/default
networks/my-network projects/myproject/global/networks/my-network .'
global/networks/default .'
returned: success returned: success
type: dict type: dict
priority: priority:
description: description:
- Priority for this rule. This is an integer between 0 and 65535, both inclusive. - Priority for this rule. This is an integer between 0 and 65535, both inclusive.
When not specified, the value assumed is 1000. Relative priorities determine precedence When not specified, the value assumed is 1000. Relative priorities determine precedence
of conflicting rules. Lower value of priority implies higher precedence (eg, a rule of conflicting rules. Lower value of priority implies higher precedence (eg, a
with priority 0 has higher precedence than a rule with priority 1). DENY rules take rule with priority 0 has higher precedence than a rule with priority 1). DENY
precedence over ALLOW rules having equal priority. rules take precedence over ALLOW rules having equal priority.
returned: success returned: success
type: int type: int
sourceRanges: sourceRanges:
description: description:
- If source ranges are specified, the firewall will apply only to traffic that has - If source ranges are specified, the firewall will apply only to traffic that has
source IP address in these ranges. These ranges must be expressed in CIDR format. source IP address in these ranges. These ranges must be expressed in CIDR format.
One or both of sourceRanges and sourceTags may be set. If both properties are set, One or both of sourceRanges and sourceTags may be set. If both properties are
the firewall will apply to traffic that has source IP address within sourceRanges set, the firewall will apply to traffic that has source IP address within sourceRanges
OR the source IP that belongs to a tag listed in the sourceTags property. The connection OR the source IP that belongs to a tag listed in the sourceTags property. The
does not need to match both properties for the firewall to apply. Only IPv4 is supported. connection does not need to match both properties for the firewall to apply. Only
IPv4 is supported.
returned: success returned: success
type: list type: list
sourceServiceAccounts: sourceServiceAccounts:
@ -360,27 +370,27 @@ RETURN = '''
because service accounts are associated with an instance, not an IP address. sourceRanges because service accounts are associated with an instance, not an IP address. sourceRanges
can be set at the same time as sourceServiceAccounts. If both are set, the firewall can be set at the same time as sourceServiceAccounts. If both are set, the firewall
will apply to traffic that has source IP address within sourceRanges OR the source will apply to traffic that has source IP address within sourceRanges OR the source
IP belongs to an instance with service account listed in sourceServiceAccount. The IP belongs to an instance with service account listed in sourceServiceAccount.
connection does not need to match both properties for the firewall to apply. sourceServiceAccounts The connection does not need to match both properties for the firewall to apply.
cannot be used at the same time as sourceTags or targetTags. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.
returned: success returned: success
type: list type: list
sourceTags: sourceTags:
description: description:
- If source tags are specified, the firewall will apply only to traffic with source - If source tags are specified, the firewall will apply only to traffic with source
IP that belongs to a tag listed in source tags. Source tags cannot be used to control IP that belongs to a tag listed in source tags. Source tags cannot be used to
traffic to an instance's external IP address. Because tags are associated with an control traffic to an instance's external IP address. Because tags are associated
instance, not an IP address. One or both of sourceRanges and sourceTags may be set. with an instance, not an IP address. One or both of sourceRanges and sourceTags
If both properties are set, the firewall will apply to traffic that has source IP may be set. If both properties are set, the firewall will apply to traffic that
address within sourceRanges OR the source IP that belongs to a tag listed in the has source IP address within sourceRanges OR the source IP that belongs to a tag
sourceTags property. The connection does not need to match both properties for the listed in the sourceTags property. The connection does not need to match both
firewall to apply. properties for the firewall to apply.
returned: success returned: success
type: list type: list
targetServiceAccounts: targetServiceAccounts:
description: description:
- A list of service accounts indicating sets of instances located in the network that - A list of service accounts indicating sets of instances located in the network
may make network connections as specified in allowed[]. that may make network connections as specified in allowed[].
- targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. - targetServiceAccounts cannot be used at the same time as targetTags or sourceTags.
If neither targetServiceAccounts nor targetTags are specified, the firewall rule If neither targetServiceAccounts nor targetTags are specified, the firewall rule
applies to all instances on the specified network. applies to all instances on the specified network.
@ -390,8 +400,8 @@ RETURN = '''
description: description:
- A list of instance tags indicating sets of instances located in the network that - A list of instance tags indicating sets of instances located in the network that
may make network connections as specified in allowed[]. may make network connections as specified in allowed[].
- If no targetTags are specified, the firewall rule applies to all instances on the - If no targetTags are specified, the firewall rule applies to all instances on
specified network. the specified network.
returned: success returned: success
type: list type: list
''' '''
@ -609,8 +619,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

156
plugins/modules/gcp_compute_firewall_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -68,23 +67,25 @@ items:
contains: contains:
allowed: allowed:
description: description:
- The list of ALLOW rules specified by this firewall. Each rule specifies a protocol - The list of ALLOW rules specified by this firewall. Each rule specifies a
and port-range tuple that describes a permitted connection. protocol and port-range tuple that describes a permitted connection.
returned: success returned: success
type: complex type: complex
contains: contains:
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. The protocol type is required when creating - The IP protocol to which this rule applies. The protocol type is required
a firewall rule. This value can either be one of the following well known protocol when creating a firewall rule. This value can either be one of the following
strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol number. well known protocol strings (tcp, udp, icmp, esp, ah, sctp), or the IP
protocol number.
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- An optional list of ports to which this rule applies. This field is only applicable - An optional list of ports to which this rule applies. This field is only
for UDP or TCP protocol. Each entry must be either an integer or a range. If not applicable for UDP or TCP protocol. Each entry must be either an integer
specified, this rule applies to connections through any port. or a range. If not specified, this rule applies to connections through
any port.
- 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].' - 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].'
returned: success returned: success
type: list type: list
@ -102,16 +103,18 @@ items:
contains: contains:
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. The protocol type is required when creating - The IP protocol to which this rule applies. The protocol type is required
a firewall rule. This value can either be one of the following well known protocol when creating a firewall rule. This value can either be one of the following
strings (tcp, udp, icmp, esp, ah, sctp), or the IP protocol number. well known protocol strings (tcp, udp, icmp, esp, ah, sctp), or the IP
protocol number.
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- An optional list of ports to which this rule applies. This field is only applicable - An optional list of ports to which this rule applies. This field is only
for UDP or TCP protocol. Each entry must be either an integer or a range. If not applicable for UDP or TCP protocol. Each entry must be either an integer
specified, this rule applies to connections through any port. or a range. If not specified, this rule applies to connections through
any port.
- 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].' - 'Example inputs include: ["22"], ["80","443"], and ["12345-12349"].'
returned: success returned: success
type: list type: list
@ -123,24 +126,24 @@ items:
type: str type: str
destinationRanges: destinationRanges:
description: description:
- If destination ranges are specified, the firewall will apply only to traffic that - If destination ranges are specified, the firewall will apply only to traffic
has destination IP address in these ranges. These ranges must be expressed in CIDR that has destination IP address in these ranges. These ranges must be expressed
format. Only IPv4 is supported. in CIDR format. Only IPv4 is supported.
returned: success returned: success
type: list type: list
direction: direction:
description: description:
- 'Direction of traffic to which this firewall applies; default is INGRESS. Note: - 'Direction of traffic to which this firewall applies; default is INGRESS.
For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS Note: For INGRESS traffic, it is NOT supported to specify destinationRanges;
traffic, it is NOT supported to specify sourceRanges OR sourceTags.' For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.'
returned: success returned: success
type: str type: str
disabled: disabled:
description: description:
- Denotes whether the firewall rule is disabled, i.e not applied to the network it - Denotes whether the firewall rule is disabled, i.e not applied to the network
is associated with. When set to true, the firewall rule is not enforced and the it is associated with. When set to true, the firewall rule is not enforced
network behaves as if it did not exist. If this is unspecified, the firewall rule and the network behaves as if it did not exist. If this is unspecified, the
will be enabled. firewall rule will be enabled.
returned: success returned: success
type: bool type: bool
id: id:
@ -150,84 +153,85 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
description: description:
- 'URL of the network resource for this firewall rule. If not specified when - 'URL of the network resource for this firewall rule. If not specified when
creating a firewall rule, the default network is used: global/networks/default If creating a firewall rule, the default network is used: global/networks/default
you choose to specify this property, you can specify the network as a full or If you choose to specify this property, you can specify the network as a full
partial URL. For example, the following are all valid URLs: or partial URL. For example, the following are all valid URLs: U(https://www.googleapis.com/compute/v1/projects/myproject/global/)
U(https://www.googleapis.com/compute/v1/projects/myproject/global/) networks/my-network projects/myproject/global/networks/my-network global/networks/default
networks/my-network projects/myproject/global/networks/my-network .'
global/networks/default .'
returned: success returned: success
type: dict type: dict
priority: priority:
description: description:
- Priority for this rule. This is an integer between 0 and 65535, both inclusive. - Priority for this rule. This is an integer between 0 and 65535, both inclusive.
When not specified, the value assumed is 1000. Relative priorities determine precedence When not specified, the value assumed is 1000. Relative priorities determine
of conflicting rules. Lower value of priority implies higher precedence (eg, a rule precedence of conflicting rules. Lower value of priority implies higher precedence
with priority 0 has higher precedence than a rule with priority 1). DENY rules take (eg, a rule with priority 0 has higher precedence than a rule with priority
precedence over ALLOW rules having equal priority. 1). DENY rules take precedence over ALLOW rules having equal priority.
returned: success returned: success
type: int type: int
sourceRanges: sourceRanges:
description: description:
- If source ranges are specified, the firewall will apply only to traffic that has - If source ranges are specified, the firewall will apply only to traffic that
source IP address in these ranges. These ranges must be expressed in CIDR format. has source IP address in these ranges. These ranges must be expressed in CIDR
One or both of sourceRanges and sourceTags may be set. If both properties are set, format. One or both of sourceRanges and sourceTags may be set. If both properties
the firewall will apply to traffic that has source IP address within sourceRanges are set, the firewall will apply to traffic that has source IP address within
OR the source IP that belongs to a tag listed in the sourceTags property. The connection sourceRanges OR the source IP that belongs to a tag listed in the sourceTags
does not need to match both properties for the firewall to apply. Only IPv4 is supported. property. The connection does not need to match both properties for the firewall
to apply. Only IPv4 is supported.
returned: success returned: success
type: list type: list
sourceServiceAccounts: sourceServiceAccounts:
description: description:
- If source service accounts are specified, the firewall will apply only to traffic - If source service accounts are specified, the firewall will apply only to
originating from an instance with a service account in this list. Source service traffic originating from an instance with a service account in this list.
accounts cannot be used to control traffic to an instance's external IP address Source service accounts cannot be used to control traffic to an instance's
because service accounts are associated with an instance, not an IP address. sourceRanges external IP address because service accounts are associated with an instance,
can be set at the same time as sourceServiceAccounts. If both are set, the firewall not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts.
will apply to traffic that has source IP address within sourceRanges OR the source If both are set, the firewall will apply to traffic that has source IP address
IP belongs to an instance with service account listed in sourceServiceAccount. The within sourceRanges OR the source IP belongs to an instance with service account
connection does not need to match both properties for the firewall to apply. sourceServiceAccounts listed in sourceServiceAccount. The connection does not need to match both
cannot be used at the same time as sourceTags or targetTags. properties for the firewall to apply. sourceServiceAccounts cannot be used
at the same time as sourceTags or targetTags.
returned: success returned: success
type: list type: list
sourceTags: sourceTags:
description: description:
- If source tags are specified, the firewall will apply only to traffic with source - If source tags are specified, the firewall will apply only to traffic with
IP that belongs to a tag listed in source tags. Source tags cannot be used to control source IP that belongs to a tag listed in source tags. Source tags cannot
traffic to an instance's external IP address. Because tags are associated with an be used to control traffic to an instance's external IP address. Because tags
instance, not an IP address. One or both of sourceRanges and sourceTags may be set. are associated with an instance, not an IP address. One or both of sourceRanges
If both properties are set, the firewall will apply to traffic that has source IP and sourceTags may be set. If both properties are set, the firewall will apply
address within sourceRanges OR the source IP that belongs to a tag listed in the to traffic that has source IP address within sourceRanges OR the source IP
sourceTags property. The connection does not need to match both properties for the that belongs to a tag listed in the sourceTags property. The connection does
firewall to apply. not need to match both properties for the firewall to apply.
returned: success returned: success
type: list type: list
targetServiceAccounts: targetServiceAccounts:
description: description:
- A list of service accounts indicating sets of instances located in the network that - A list of service accounts indicating sets of instances located in the network
may make network connections as specified in allowed[]. that may make network connections as specified in allowed[].
- targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. - targetServiceAccounts cannot be used at the same time as targetTags or sourceTags.
If neither targetServiceAccounts nor targetTags are specified, the firewall rule If neither targetServiceAccounts nor targetTags are specified, the firewall
applies to all instances on the specified network. rule applies to all instances on the specified network.
returned: success returned: success
type: list type: list
targetTags: targetTags:
description: description:
- A list of instance tags indicating sets of instances located in the network that - A list of instance tags indicating sets of instances located in the network
may make network connections as specified in allowed[]. that may make network connections as specified in allowed[].
- If no targetTags are specified, the firewall rule applies to all instances on the - If no targetTags are specified, the firewall rule applies to all instances
specified network. on the specified network.
returned: success returned: success
type: list type: list
''' '''
@ -250,7 +254,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

249
plugins/modules/gcp_compute_forwarding_rule.py
View file

@ -46,8 +46,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -56,97 +58,109 @@ options:
ip_address: ip_address:
description: description:
- The IP address that this forwarding rule is serving on behalf of. - The IP address that this forwarding rule is serving on behalf of.
- Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL - Addresses are restricted based on the forwarding rule's load balancing scheme
or INTERNAL) and scope (global or regional). (EXTERNAL or INTERNAL) and scope (global or regional).
- When the load balancing scheme is EXTERNAL, for global forwarding rules, the address - When the load balancing scheme is EXTERNAL, for global forwarding rules, the
must be a global IP, and for regional forwarding rules, the address must live in address must be a global IP, and for regional forwarding rules, the address
the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 must live in the same region as the forwarding rule. If this field is empty,
address from the same scope (global or regional) will be assigned. A regional forwarding an ephemeral IPv4 address from the same scope (global or regional) will be assigned.
rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. A regional forwarding rule supports IPv4 only. A global forwarding rule supports
- When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address either IPv4 or IPv6.
belonging to the network/subnet configured for the forwarding rule. By default, - When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP
if this field is empty, an ephemeral internal IP address will be automatically allocated address belonging to the network/subnet configured for the forwarding rule.
from the IP range of the subnet or network configured for this forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be
- 'An address can be specified either by a literal IP address or a URL reference to automatically allocated from the IP range of the subnet or network configured
an existing Address resource. The following examples are all valid: * 100.1.2.3 for this forwarding rule.
- 'An address can be specified either by a literal IP address or a URL reference
to an existing Address resource. The following examples are all valid: * 100.1.2.3
* U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address) * U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address)
* projects/project/regions/region/addresses/address * regions/region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address
* global/addresses/address * address .' * global/addresses/address * address .'
required: false required: false
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, - The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP,
SCTP or ICMP. AH, SCTP or ICMP.
- When the load balancing scheme is INTERNAL, only TCP and UDP are valid. - When the load balancing scheme is INTERNAL, only TCP and UDP are valid.
required: false required: false
choices: ['TCP', 'UDP', 'ESP', 'AH', 'SCTP', 'ICMP'] choices:
- TCP
- UDP
- ESP
- AH
- SCTP
- ICMP
backend_service: backend_service:
description: description:
- A reference to a BackendService to receive the matched traffic. - A reference to a BackendService to receive the matched traffic.
- This is used for internal load balancing. - This is used for internal load balancing.
- "(not used for external load balancing) ." - "(not used for external load balancing) ."
- 'This field represents a link to a BackendService resource in GCP. It can be specified - 'This field represents a link to a BackendService resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service specified in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service
task and then set this backend_service field to "{{ name-of-resource }}" Alternatively, task and then set this backend_service field to "{{ name-of-resource }}" Alternatively,
you can set this backend_service to a dictionary with the selfLink key where the you can set this backend_service to a dictionary with the selfLink key where
value is the selfLink of your BackendService.' the value is the selfLink of your BackendService'
required: false required: false
ip_version: ip_version:
description: description:
- The IP Version that will be used by this forwarding rule. Valid options are IPV4 - The IP Version that will be used by this forwarding rule. Valid options are
or IPV6. This can only be specified for a global forwarding rule. IPV4 or IPV6. This can only be specified for a global forwarding rule.
required: false required: false
choices: ['IPV4', 'IPV6'] choices:
- IPV4
- IPV6
load_balancing_scheme: load_balancing_scheme:
description: description:
- 'This signifies what the ForwardingRule will be used for and can only take the following - 'This signifies what the ForwardingRule will be used for and can only take the
values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will
Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL
will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) means that this will be used for External Load Balancing (HTTP(S) LB, External
.' TCP/UDP LB, SSL Proxy) .'
required: false required: false
choices: ['INTERNAL', 'EXTERNAL'] choices:
- INTERNAL
- EXTERNAL
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
network: network:
description: description:
- For internal load balancing, this field identifies the network that the load balanced - For internal load balancing, this field identifies the network that the load
IP should belong to for this Forwarding Rule. If this field is not specified, the balanced IP should belong to for this Forwarding Rule. If this field is not
default network will be used. specified, the default network will be used.
- This field is not used for external load balancing. - This field is not used for external load balancing.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: false required: false
port_range: port_range:
description: description:
- This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, - This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy,
TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
- Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to - Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed
ports in the specified range will be forwarded to target. to ports in the specified range will be forwarded to target.
- Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port - Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint
ranges. port ranges.
- 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: - 'Some types of forwarding target have constraints on the acceptable ports: *
80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43,
587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25,
143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway:
500, 4500 .' 500, 4500 .'
required: false required: false
ports: ports:
description: description:
- This field is used along with the backend_service field for internal load balancing. - This field is used along with the backend_service field for internal load balancing.
- When the load balancing scheme is INTERNAL, a single port or a comma separated list - When the load balancing scheme is INTERNAL, a single port or a comma separated
of ports can be configured. Only packets addressed to these ports will be forwarded list of ports can be configured. Only packets addressed to these ports will
to the backends configured with this forwarding rule. be forwarded to the backends configured with this forwarding rule.
- You may specify a maximum of up to 5 ports. - You may specify a maximum of up to 5 ports.
required: false required: false
subnetwork: subnetwork:
@ -160,31 +174,34 @@ options:
- 'This field represents a link to a Subnetwork resource in GCP. It can be specified - 'This field represents a link to a Subnetwork resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork
task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively, task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively,
you can set this subnetwork to a dictionary with the selfLink key where the value you can set this subnetwork to a dictionary with the selfLink key where the
is the selfLink of your Subnetwork.' value is the selfLink of your Subnetwork'
required: false required: false
target: target:
description: description:
- A reference to a TargetPool resource to receive the matched traffic. - A reference to a TargetPool resource to receive the matched traffic.
- For regional forwarding rules, this target must live in the same region as the forwarding - For regional forwarding rules, this target must live in the same region as the
rule. For global forwarding rules, this target must be a global load balancing resource. forwarding rule. For global forwarding rules, this target must be a global load
The forwarded traffic must be of a type appropriate to the target object. balancing resource. The forwarded traffic must be of a type appropriate to the
target object.
- This field is not used for internal load balancing. - This field is not used for internal load balancing.
- 'This field represents a link to a TargetPool resource in GCP. It can be specified - 'This field represents a link to a TargetPool resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_target_pool in two ways. You can add `register: name-of-resource` to a gcp_compute_target_pool
task and then set this target field to "{{ name-of-resource }}" Alternatively, you task and then set this target field to "{{ name-of-resource }}" Alternatively,
can set this target to a dictionary with the selfLink key where the value is the you can set this target to a dictionary with the selfLink key where the value
selfLink of your TargetPool.' is the selfLink of your TargetPool'
required: false required: false
version_added: 2.7 version_added: 2.7
network_tier: network_tier:
description: description:
- 'The networking tier used for configuring this address. This field can take the - 'The networking tier used for configuring this address. This field can take
following values: PREMIUM or STANDARD. If this field is not specified, it is assumed the following values: PREMIUM or STANDARD. If this field is not specified, it
to be PREMIUM.' is assumed to be PREMIUM.'
required: false required: false
version_added: 2.8 version_added: 2.8
choices: ['PREMIUM', 'STANDARD'] choices:
- PREMIUM
- STANDARD
region: region:
description: description:
- A reference to the region where the regional forwarding rule resides. - A reference to the region where the regional forwarding rule resides.
@ -192,8 +209,8 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/forwardingRule)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/forwardingRule)'
- "Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules)" - 'Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -251,19 +268,21 @@ RETURN = '''
IPAddress: IPAddress:
description: description:
- The IP address that this forwarding rule is serving on behalf of. - The IP address that this forwarding rule is serving on behalf of.
- Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL - Addresses are restricted based on the forwarding rule's load balancing scheme
or INTERNAL) and scope (global or regional). (EXTERNAL or INTERNAL) and scope (global or regional).
- When the load balancing scheme is EXTERNAL, for global forwarding rules, the address - When the load balancing scheme is EXTERNAL, for global forwarding rules, the address
must be a global IP, and for regional forwarding rules, the address must live in must be a global IP, and for regional forwarding rules, the address must live
the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 in the same region as the forwarding rule. If this field is empty, an ephemeral
address from the same scope (global or regional) will be assigned. A regional forwarding IPv4 address from the same scope (global or regional) will be assigned. A regional
rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4
or IPv6.
- When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address - When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address
belonging to the network/subnet configured for the forwarding rule. By default, belonging to the network/subnet configured for the forwarding rule. By default,
if this field is empty, an ephemeral internal IP address will be automatically allocated if this field is empty, an ephemeral internal IP address will be automatically
from the IP range of the subnet or network configured for this forwarding rule. allocated from the IP range of the subnet or network configured for this forwarding
- 'An address can be specified either by a literal IP address or a URL reference to rule.
an existing Address resource. The following examples are all valid: * 100.1.2.3 - 'An address can be specified either by a literal IP address or a URL reference
to an existing Address resource. The following examples are all valid: * 100.1.2.3
* U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address) * U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address)
* projects/project/regions/region/addresses/address * regions/region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address
* global/addresses/address * address .' * global/addresses/address * address .'
@ -291,28 +310,28 @@ RETURN = '''
type: str type: str
loadBalancingScheme: loadBalancingScheme:
description: description:
- 'This signifies what the ForwardingRule will be used for and can only take the following - 'This signifies what the ForwardingRule will be used for and can only take the
values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will
Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL
will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) means that this will be used for External Load Balancing (HTTP(S) LB, External
.' TCP/UDP LB, SSL Proxy) .'
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
description: description:
- For internal load balancing, this field identifies the network that the load balanced - For internal load balancing, this field identifies the network that the load balanced
IP should belong to for this Forwarding Rule. If this field is not specified, the IP should belong to for this Forwarding Rule. If this field is not specified,
default network will be used. the default network will be used.
- This field is not used for external load balancing. - This field is not used for external load balancing.
returned: success returned: success
type: dict type: dict
@ -322,21 +341,20 @@ RETURN = '''
TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
- Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to - Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to
ports in the specified range will be forwarded to target. ports in the specified range will be forwarded to target.
- Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port - Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint
ranges. port ranges.
- 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: - 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy:
80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443,
587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443,
143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500 .'
500, 4500 .'
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- This field is used along with the backend_service field for internal load balancing. - This field is used along with the backend_service field for internal load balancing.
- When the load balancing scheme is INTERNAL, a single port or a comma separated list - When the load balancing scheme is INTERNAL, a single port or a comma separated
of ports can be configured. Only packets addressed to these ports will be forwarded list of ports can be configured. Only packets addressed to these ports will be
to the backends configured with this forwarding rule. forwarded to the backends configured with this forwarding rule.
- You may specify a maximum of up to 5 ports. - You may specify a maximum of up to 5 ports.
returned: success returned: success
type: list type: list
@ -353,18 +371,13 @@ RETURN = '''
target: target:
description: description:
- A reference to a TargetPool resource to receive the matched traffic. - A reference to a TargetPool resource to receive the matched traffic.
- For regional forwarding rules, this target must live in the same region as the forwarding - For regional forwarding rules, this target must live in the same region as the
rule. For global forwarding rules, this target must be a global load balancing resource. forwarding rule. For global forwarding rules, this target must be a global load
The forwarded traffic must be of a type appropriate to the target object. balancing resource. The forwarded traffic must be of a type appropriate to the
target object.
- This field is not used for internal load balancing. - This field is not used for internal load balancing.
returned: success returned: success
type: dict type: dict
labelFingerprint:
description:
- The fingerprint used for optimistic locking of this resource. Used internally during
updates.
returned: success
type: str
networkTier: networkTier:
description: description:
- 'The networking tier used for configuring this address. This field can take the - 'The networking tier used for configuring this address. This field can take the
@ -476,19 +489,6 @@ def target_update(module, request, response):
) )
def label_fingerprint_update(module, request, response):
auth = GcpSession(module, 'compute')
auth.post(
''.join([
"https://www.googleapis.com/compute/v1/",
"projects/{project}/regions/{region}/forwardingRules/{name}/setLabels"
]).format(**module.params),
{
u'labelFingerprint': response.get('labelFingerprint')
}
)
def delete(module, link, kind): def delete(module, link, kind):
auth = GcpSession(module, 'compute') auth = GcpSession(module, 'compute')
return wait_for_operation(module, auth.delete(link)) return wait_for_operation(module, auth.delete(link))
@ -589,7 +589,6 @@ def response_to_hash(module, response):
u'ports': response.get(u'ports'), u'ports': response.get(u'ports'),
u'subnetwork': response.get(u'subnetwork'), u'subnetwork': response.get(u'subnetwork'),
u'target': response.get(u'target'), u'target': response.get(u'target'),
u'labelFingerprint': response.get(u'labelFingerprint'),
u'networkTier': module.params.get('network_tier') u'networkTier': module.params.get('network_tier')
} }
@ -618,8 +617,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

121
plugins/modules/gcp_compute_forwarding_rule_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- A reference to the region where the regional forwarding rule resides. - A reference to the region where the regional forwarding rule resides.
@ -91,19 +90,21 @@ items:
IPAddress: IPAddress:
description: description:
- The IP address that this forwarding rule is serving on behalf of. - The IP address that this forwarding rule is serving on behalf of.
- Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL - Addresses are restricted based on the forwarding rule's load balancing scheme
or INTERNAL) and scope (global or regional). (EXTERNAL or INTERNAL) and scope (global or regional).
- When the load balancing scheme is EXTERNAL, for global forwarding rules, the address - When the load balancing scheme is EXTERNAL, for global forwarding rules, the
must be a global IP, and for regional forwarding rules, the address must live in address must be a global IP, and for regional forwarding rules, the address
the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 must live in the same region as the forwarding rule. If this field is empty,
address from the same scope (global or regional) will be assigned. A regional forwarding an ephemeral IPv4 address from the same scope (global or regional) will be
rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. assigned. A regional forwarding rule supports IPv4 only. A global forwarding
- When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address rule supports either IPv4 or IPv6.
belonging to the network/subnet configured for the forwarding rule. By default, - When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP
if this field is empty, an ephemeral internal IP address will be automatically allocated address belonging to the network/subnet configured for the forwarding rule.
from the IP range of the subnet or network configured for this forwarding rule. By default, if this field is empty, an ephemeral internal IP address will
- 'An address can be specified either by a literal IP address or a URL reference to be automatically allocated from the IP range of the subnet or network configured
an existing Address resource. The following examples are all valid: * 100.1.2.3 for this forwarding rule.
- 'An address can be specified either by a literal IP address or a URL reference
to an existing Address resource. The following examples are all valid: * 100.1.2.3
* U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address) * U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address)
* projects/project/regions/region/addresses/address * regions/region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address
* global/addresses/address * address .' * global/addresses/address * address .'
@ -111,8 +112,8 @@ items:
type: str type: str
IPProtocol: IPProtocol:
description: description:
- The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, - The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP,
SCTP or ICMP. AH, SCTP or ICMP.
- When the load balancing scheme is INTERNAL, only TCP and UDP are valid. - When the load balancing scheme is INTERNAL, only TCP and UDP are valid.
returned: success returned: success
type: str type: str
@ -125,34 +126,34 @@ items:
type: dict type: dict
ipVersion: ipVersion:
description: description:
- The IP Version that will be used by this forwarding rule. Valid options are IPV4 - The IP Version that will be used by this forwarding rule. Valid options are
or IPV6. This can only be specified for a global forwarding rule. IPV4 or IPV6. This can only be specified for a global forwarding rule.
returned: success returned: success
type: str type: str
loadBalancingScheme: loadBalancingScheme:
description: description:
- 'This signifies what the ForwardingRule will be used for and can only take the following - 'This signifies what the ForwardingRule will be used for and can only take
values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for the following values: INTERNAL, EXTERNAL The value of INTERNAL means that
Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this this will be used for Internal Network Load Balancing (TCP, UDP). The value
will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) of EXTERNAL means that this will be used for External Load Balancing (HTTP(S)
.' LB, External TCP/UDP LB, SSL Proxy) .'
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
description: description:
- For internal load balancing, this field identifies the network that the load balanced - For internal load balancing, this field identifies the network that the load
IP should belong to for this Forwarding Rule. If this field is not specified, the balanced IP should belong to for this Forwarding Rule. If this field is not
default network will be used. specified, the default network will be used.
- This field is not used for external load balancing. - This field is not used for external load balancing.
returned: success returned: success
type: dict type: dict
@ -160,31 +161,32 @@ items:
description: description:
- This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, - This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy,
TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
- Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to - Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed
ports in the specified range will be forwarded to target. to ports in the specified range will be forwarded to target.
- Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port - Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint
ranges. port ranges.
- 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: - 'Some types of forwarding target have constraints on the acceptable ports:
80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25,
587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy:
143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway:
500, 4500 .' 500, 4500 .'
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- This field is used along with the backend_service field for internal load balancing. - This field is used along with the backend_service field for internal load
- When the load balancing scheme is INTERNAL, a single port or a comma separated list balancing.
of ports can be configured. Only packets addressed to these ports will be forwarded - When the load balancing scheme is INTERNAL, a single port or a comma separated
to the backends configured with this forwarding rule. list of ports can be configured. Only packets addressed to these ports will
be forwarded to the backends configured with this forwarding rule.
- You may specify a maximum of up to 5 ports. - You may specify a maximum of up to 5 ports.
returned: success returned: success
type: list type: list
subnetwork: subnetwork:
description: description:
- A reference to a subnetwork. - A reference to a subnetwork.
- For internal load balancing, this field identifies the subnetwork that the load - For internal load balancing, this field identifies the subnetwork that the
balanced IP should belong to for this Forwarding Rule. load balanced IP should belong to for this Forwarding Rule.
- If the network specified is in auto subnet mode, this field is optional. However, - If the network specified is in auto subnet mode, this field is optional. However,
if the network is in custom subnet mode, a subnetwork must be specified. if the network is in custom subnet mode, a subnetwork must be specified.
- This field is not used for external load balancing. - This field is not used for external load balancing.
@ -193,23 +195,18 @@ items:
target: target:
description: description:
- A reference to a TargetPool resource to receive the matched traffic. - A reference to a TargetPool resource to receive the matched traffic.
- For regional forwarding rules, this target must live in the same region as the forwarding - For regional forwarding rules, this target must live in the same region as
rule. For global forwarding rules, this target must be a global load balancing resource. the forwarding rule. For global forwarding rules, this target must be a global
The forwarded traffic must be of a type appropriate to the target object. load balancing resource. The forwarded traffic must be of a type appropriate
to the target object.
- This field is not used for internal load balancing. - This field is not used for internal load balancing.
returned: success returned: success
type: dict type: dict
labelFingerprint:
description:
- The fingerprint used for optimistic locking of this resource. Used internally during
updates.
returned: success
type: str
networkTier: networkTier:
description: description:
- 'The networking tier used for configuring this address. This field can take the - 'The networking tier used for configuring this address. This field can take
following values: PREMIUM or STANDARD. If this field is not specified, it is assumed the following values: PREMIUM or STANDARD. If this field is not specified,
to be PREMIUM.' it is assumed to be PREMIUM.'
returned: success returned: success
type: str type: str
region: region:
@ -239,7 +236,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

80
plugins/modules/gcp_compute_global_address.py
View file

@ -45,8 +45,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
@ -54,19 +56,21 @@ options:
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
ip_version: ip_version:
description: description:
- The IP Version that will be used by this address. Valid options are IPV4 or IPV6. - The IP Version that will be used by this address. Valid options are IPV4 or
The default value is IPV4. IPV6. The default value is IPV4.
required: false required: false
choices: ['IPV4', 'IPV6'] choices:
- IPV4
- IPV6
address_type: address_type:
description: description:
- The type of the address to reserve, default is EXTERNAL. - The type of the address to reserve, default is EXTERNAL.
@ -75,11 +79,13 @@ options:
required: false required: false
default: EXTERNAL default: EXTERNAL
version_added: 2.8 version_added: 2.8
choices: ['EXTERNAL', 'INTERNAL'] choices:
- EXTERNAL
- INTERNAL
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/globalAddresses)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/globalAddresses)'
- "Reserving a Static External IP Address: U(https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address)" - 'Reserving a Static External IP Address: U(https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -116,18 +122,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success
type: str
labelFingerprint:
description:
- The fingerprint used for optimistic locking of this resource. Used internally during
updates.
returned: success returned: success
type: str type: str
ipVersion: ipVersion:
@ -189,7 +189,7 @@ def main():
if fetch: if fetch:
if state == 'present': if state == 'present':
if is_different(module, fetch): if is_different(module, fetch):
update(module, self_link(module), kind, fetch) update(module, self_link(module), kind)
fetch = fetch_resource(module, self_link(module), kind) fetch = fetch_resource(module, self_link(module), kind)
changed = True changed = True
else: else:
@ -213,27 +213,8 @@ def create(module, link, kind):
return wait_for_operation(module, auth.post(link, resource_to_request(module))) return wait_for_operation(module, auth.post(link, resource_to_request(module)))
def update(module, link, kind, fetch): def update(module, link, kind):
update_fields(module, resource_to_request(module), module.fail_json(msg="GlobalAddress cannot be edited")
response_to_hash(module, fetch))
return fetch_resource(module, self_link(module), kind)
def update_fields(module, request, response):
pass
def label_fingerprint_update(module, request, response):
auth = GcpSession(module, 'compute')
auth.post(
''.join([
"https://www.googleapis.com/compute/v1/",
"projects/{project}/global/addresses/{name}/setLabels"
]).format(**module.params),
{
u'labelFingerprint': response.get('labelFingerprint')
}
)
def delete(module, link, kind): def delete(module, link, kind):
@ -318,7 +299,6 @@ def response_to_hash(module, response):
u'description': response.get(u'description'), u'description': response.get(u'description'),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'labelFingerprint': response.get(u'labelFingerprint'),
u'ipVersion': response.get(u'ipVersion'), u'ipVersion': response.get(u'ipVersion'),
u'region': response.get(u'region'), u'region': response.get(u'region'),
u'addressType': response.get(u'addressType') u'addressType': response.get(u'addressType')
@ -358,8 +338,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

34
plugins/modules/gcp_compute_global_address_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -84,29 +83,24 @@ items:
type: str type: str
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success
type: str
labelFingerprint:
description:
- The fingerprint used for optimistic locking of this resource. Used internally during
updates.
returned: success returned: success
type: str type: str
ipVersion: ipVersion:
description: description:
- The IP Version that will be used by this address. Valid options are IPV4 or IPV6. - The IP Version that will be used by this address. Valid options are IPV4 or
The default value is IPV4. IPV6. The default value is IPV4.
returned: success returned: success
type: str type: str
region: region:
@ -141,7 +135,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

199
plugins/modules/gcp_compute_global_forwarding_rule.py
View file

@ -48,8 +48,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -58,97 +60,109 @@ options:
ip_address: ip_address:
description: description:
- The IP address that this forwarding rule is serving on behalf of. - The IP address that this forwarding rule is serving on behalf of.
- Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL - Addresses are restricted based on the forwarding rule's load balancing scheme
or INTERNAL) and scope (global or regional). (EXTERNAL or INTERNAL) and scope (global or regional).
- When the load balancing scheme is EXTERNAL, for global forwarding rules, the address - When the load balancing scheme is EXTERNAL, for global forwarding rules, the
must be a global IP, and for regional forwarding rules, the address must live in address must be a global IP, and for regional forwarding rules, the address
the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 must live in the same region as the forwarding rule. If this field is empty,
address from the same scope (global or regional) will be assigned. A regional forwarding an ephemeral IPv4 address from the same scope (global or regional) will be assigned.
rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. A regional forwarding rule supports IPv4 only. A global forwarding rule supports
- When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address either IPv4 or IPv6.
belonging to the network/subnet configured for the forwarding rule. By default, - When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP
if this field is empty, an ephemeral internal IP address will be automatically allocated address belonging to the network/subnet configured for the forwarding rule.
from the IP range of the subnet or network configured for this forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be
- 'An address can be specified either by a literal IP address or a URL reference to automatically allocated from the IP range of the subnet or network configured
an existing Address resource. The following examples are all valid: * 100.1.2.3 for this forwarding rule.
- 'An address can be specified either by a literal IP address or a URL reference
to an existing Address resource. The following examples are all valid: * 100.1.2.3
* U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address) * U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address)
* projects/project/regions/region/addresses/address * regions/region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address
* global/addresses/address * address .' * global/addresses/address * address .'
required: false required: false
ip_protocol: ip_protocol:
description: description:
- The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, - The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP,
SCTP or ICMP. AH, SCTP or ICMP.
- When the load balancing scheme is INTERNAL, only TCP and UDP are valid. - When the load balancing scheme is INTERNAL, only TCP and UDP are valid.
required: false required: false
choices: ['TCP', 'UDP', 'ESP', 'AH', 'SCTP', 'ICMP'] choices:
- TCP
- UDP
- ESP
- AH
- SCTP
- ICMP
backend_service: backend_service:
description: description:
- A reference to a BackendService to receive the matched traffic. - A reference to a BackendService to receive the matched traffic.
- This is used for internal load balancing. - This is used for internal load balancing.
- "(not used for external load balancing) ." - "(not used for external load balancing) ."
- 'This field represents a link to a BackendService resource in GCP. It can be specified - 'This field represents a link to a BackendService resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service specified in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service
task and then set this backend_service field to "{{ name-of-resource }}" Alternatively, task and then set this backend_service field to "{{ name-of-resource }}" Alternatively,
you can set this backend_service to a dictionary with the selfLink key where the you can set this backend_service to a dictionary with the selfLink key where
value is the selfLink of your BackendService.' the value is the selfLink of your BackendService'
required: false required: false
ip_version: ip_version:
description: description:
- The IP Version that will be used by this forwarding rule. Valid options are IPV4 - The IP Version that will be used by this forwarding rule. Valid options are
or IPV6. This can only be specified for a global forwarding rule. IPV4 or IPV6. This can only be specified for a global forwarding rule.
required: false required: false
choices: ['IPV4', 'IPV6'] choices:
- IPV4
- IPV6
load_balancing_scheme: load_balancing_scheme:
description: description:
- 'This signifies what the ForwardingRule will be used for and can only take the following - 'This signifies what the ForwardingRule will be used for and can only take the
values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will
Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL
will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) means that this will be used for External Load Balancing (HTTP(S) LB, External
.' TCP/UDP LB, SSL Proxy) .'
required: false required: false
choices: ['INTERNAL', 'EXTERNAL'] choices:
- INTERNAL
- EXTERNAL
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
network: network:
description: description:
- For internal load balancing, this field identifies the network that the load balanced - For internal load balancing, this field identifies the network that the load
IP should belong to for this Forwarding Rule. If this field is not specified, the balanced IP should belong to for this Forwarding Rule. If this field is not
default network will be used. specified, the default network will be used.
- This field is not used for external load balancing. - This field is not used for external load balancing.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: false required: false
port_range: port_range:
description: description:
- This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, - This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy,
TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
- Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to - Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed
ports in the specified range will be forwarded to target. to ports in the specified range will be forwarded to target.
- Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port - Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint
ranges. port ranges.
- 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: - 'Some types of forwarding target have constraints on the acceptable ports: *
80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43,
587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25,
143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway:
500, 4500 .' 500, 4500 .'
required: false required: false
ports: ports:
description: description:
- This field is used along with the backend_service field for internal load balancing. - This field is used along with the backend_service field for internal load balancing.
- When the load balancing scheme is INTERNAL, a single port or a comma separated list - When the load balancing scheme is INTERNAL, a single port or a comma separated
of ports can be configured. Only packets addressed to these ports will be forwarded list of ports can be configured. Only packets addressed to these ports will
to the backends configured with this forwarding rule. be forwarded to the backends configured with this forwarding rule.
- You may specify a maximum of up to 5 ports. - You may specify a maximum of up to 5 ports.
required: false required: false
subnetwork: subnetwork:
@ -162,13 +176,13 @@ options:
- 'This field represents a link to a Subnetwork resource in GCP. It can be specified - 'This field represents a link to a Subnetwork resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork
task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively, task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively,
you can set this subnetwork to a dictionary with the selfLink key where the value you can set this subnetwork to a dictionary with the selfLink key where the
is the selfLink of your Subnetwork.' value is the selfLink of your Subnetwork'
required: false required: false
target: target:
description: description:
- This target must be a global load balancing resource. The forwarded traffic must - This target must be a global load balancing resource. The forwarded traffic
be of a type appropriate to the target object. must be of a type appropriate to the target object.
- 'Valid types: HTTP_PROXY, HTTPS_PROXY, SSL_PROXY, TCP_PROXY .' - 'Valid types: HTTP_PROXY, HTTPS_PROXY, SSL_PROXY, TCP_PROXY .'
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
@ -274,19 +288,21 @@ RETURN = '''
IPAddress: IPAddress:
description: description:
- The IP address that this forwarding rule is serving on behalf of. - The IP address that this forwarding rule is serving on behalf of.
- Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL - Addresses are restricted based on the forwarding rule's load balancing scheme
or INTERNAL) and scope (global or regional). (EXTERNAL or INTERNAL) and scope (global or regional).
- When the load balancing scheme is EXTERNAL, for global forwarding rules, the address - When the load balancing scheme is EXTERNAL, for global forwarding rules, the address
must be a global IP, and for regional forwarding rules, the address must live in must be a global IP, and for regional forwarding rules, the address must live
the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 in the same region as the forwarding rule. If this field is empty, an ephemeral
address from the same scope (global or regional) will be assigned. A regional forwarding IPv4 address from the same scope (global or regional) will be assigned. A regional
rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4
or IPv6.
- When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address - When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address
belonging to the network/subnet configured for the forwarding rule. By default, belonging to the network/subnet configured for the forwarding rule. By default,
if this field is empty, an ephemeral internal IP address will be automatically allocated if this field is empty, an ephemeral internal IP address will be automatically
from the IP range of the subnet or network configured for this forwarding rule. allocated from the IP range of the subnet or network configured for this forwarding
- 'An address can be specified either by a literal IP address or a URL reference to rule.
an existing Address resource. The following examples are all valid: * 100.1.2.3 - 'An address can be specified either by a literal IP address or a URL reference
to an existing Address resource. The following examples are all valid: * 100.1.2.3
* U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address) * U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address)
* projects/project/regions/region/addresses/address * regions/region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address
* global/addresses/address * address .' * global/addresses/address * address .'
@ -314,28 +330,28 @@ RETURN = '''
type: str type: str
loadBalancingScheme: loadBalancingScheme:
description: description:
- 'This signifies what the ForwardingRule will be used for and can only take the following - 'This signifies what the ForwardingRule will be used for and can only take the
values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will
Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL
will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) means that this will be used for External Load Balancing (HTTP(S) LB, External
.' TCP/UDP LB, SSL Proxy) .'
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
description: description:
- For internal load balancing, this field identifies the network that the load balanced - For internal load balancing, this field identifies the network that the load balanced
IP should belong to for this Forwarding Rule. If this field is not specified, the IP should belong to for this Forwarding Rule. If this field is not specified,
default network will be used. the default network will be used.
- This field is not used for external load balancing. - This field is not used for external load balancing.
returned: success returned: success
type: dict type: dict
@ -345,21 +361,20 @@ RETURN = '''
TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
- Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to - Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to
ports in the specified range will be forwarded to target. ports in the specified range will be forwarded to target.
- Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port - Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint
ranges. port ranges.
- 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: - 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy:
80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443,
587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443,
143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500 .'
500, 4500 .'
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- This field is used along with the backend_service field for internal load balancing. - This field is used along with the backend_service field for internal load balancing.
- When the load balancing scheme is INTERNAL, a single port or a comma separated list - When the load balancing scheme is INTERNAL, a single port or a comma separated
of ports can be configured. Only packets addressed to these ports will be forwarded list of ports can be configured. Only packets addressed to these ports will be
to the backends configured with this forwarding rule. forwarded to the backends configured with this forwarding rule.
- You may specify a maximum of up to 5 ports. - You may specify a maximum of up to 5 ports.
returned: success returned: success
type: list type: list
@ -590,8 +605,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

106
plugins/modules/gcp_compute_global_forwarding_rule_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -85,19 +84,21 @@ items:
IPAddress: IPAddress:
description: description:
- The IP address that this forwarding rule is serving on behalf of. - The IP address that this forwarding rule is serving on behalf of.
- Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL - Addresses are restricted based on the forwarding rule's load balancing scheme
or INTERNAL) and scope (global or regional). (EXTERNAL or INTERNAL) and scope (global or regional).
- When the load balancing scheme is EXTERNAL, for global forwarding rules, the address - When the load balancing scheme is EXTERNAL, for global forwarding rules, the
must be a global IP, and for regional forwarding rules, the address must live in address must be a global IP, and for regional forwarding rules, the address
the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 must live in the same region as the forwarding rule. If this field is empty,
address from the same scope (global or regional) will be assigned. A regional forwarding an ephemeral IPv4 address from the same scope (global or regional) will be
rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. assigned. A regional forwarding rule supports IPv4 only. A global forwarding
- When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address rule supports either IPv4 or IPv6.
belonging to the network/subnet configured for the forwarding rule. By default, - When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP
if this field is empty, an ephemeral internal IP address will be automatically allocated address belonging to the network/subnet configured for the forwarding rule.
from the IP range of the subnet or network configured for this forwarding rule. By default, if this field is empty, an ephemeral internal IP address will
- 'An address can be specified either by a literal IP address or a URL reference to be automatically allocated from the IP range of the subnet or network configured
an existing Address resource. The following examples are all valid: * 100.1.2.3 for this forwarding rule.
- 'An address can be specified either by a literal IP address or a URL reference
to an existing Address resource. The following examples are all valid: * 100.1.2.3
* U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address) * U(https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address)
* projects/project/regions/region/addresses/address * regions/region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address
* global/addresses/address * address .' * global/addresses/address * address .'
@ -105,8 +106,8 @@ items:
type: str type: str
IPProtocol: IPProtocol:
description: description:
- The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, - The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP,
SCTP or ICMP. AH, SCTP or ICMP.
- When the load balancing scheme is INTERNAL, only TCP and UDP are valid. - When the load balancing scheme is INTERNAL, only TCP and UDP are valid.
returned: success returned: success
type: str type: str
@ -119,34 +120,34 @@ items:
type: dict type: dict
ipVersion: ipVersion:
description: description:
- The IP Version that will be used by this forwarding rule. Valid options are IPV4 - The IP Version that will be used by this forwarding rule. Valid options are
or IPV6. This can only be specified for a global forwarding rule. IPV4 or IPV6. This can only be specified for a global forwarding rule.
returned: success returned: success
type: str type: str
loadBalancingScheme: loadBalancingScheme:
description: description:
- 'This signifies what the ForwardingRule will be used for and can only take the following - 'This signifies what the ForwardingRule will be used for and can only take
values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for the following values: INTERNAL, EXTERNAL The value of INTERNAL means that
Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this this will be used for Internal Network Load Balancing (TCP, UDP). The value
will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) of EXTERNAL means that this will be used for External Load Balancing (HTTP(S)
.' LB, External TCP/UDP LB, SSL Proxy) .'
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
description: description:
- For internal load balancing, this field identifies the network that the load balanced - For internal load balancing, this field identifies the network that the load
IP should belong to for this Forwarding Rule. If this field is not specified, the balanced IP should belong to for this Forwarding Rule. If this field is not
default network will be used. specified, the default network will be used.
- This field is not used for external load balancing. - This field is not used for external load balancing.
returned: success returned: success
type: dict type: dict
@ -154,31 +155,32 @@ items:
description: description:
- This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, - This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy,
TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.
- Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to - Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed
ports in the specified range will be forwarded to target. to ports in the specified range will be forwarded to target.
- Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port - Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint
ranges. port ranges.
- 'Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: - 'Some types of forwarding target have constraints on the acceptable ports:
80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25,
587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy:
143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway:
500, 4500 .' 500, 4500 .'
returned: success returned: success
type: str type: str
ports: ports:
description: description:
- This field is used along with the backend_service field for internal load balancing. - This field is used along with the backend_service field for internal load
- When the load balancing scheme is INTERNAL, a single port or a comma separated list balancing.
of ports can be configured. Only packets addressed to these ports will be forwarded - When the load balancing scheme is INTERNAL, a single port or a comma separated
to the backends configured with this forwarding rule. list of ports can be configured. Only packets addressed to these ports will
be forwarded to the backends configured with this forwarding rule.
- You may specify a maximum of up to 5 ports. - You may specify a maximum of up to 5 ports.
returned: success returned: success
type: list type: list
subnetwork: subnetwork:
description: description:
- A reference to a subnetwork. - A reference to a subnetwork.
- For internal load balancing, this field identifies the subnetwork that the load - For internal load balancing, this field identifies the subnetwork that the
balanced IP should belong to for this Forwarding Rule. load balanced IP should belong to for this Forwarding Rule.
- If the network specified is in auto subnet mode, this field is optional. However, - If the network specified is in auto subnet mode, this field is optional. However,
if the network is in custom subnet mode, a subnetwork must be specified. if the network is in custom subnet mode, a subnetwork must be specified.
- This field is not used for external load balancing. - This field is not used for external load balancing.
@ -192,8 +194,8 @@ items:
type: str type: str
target: target:
description: description:
- This target must be a global load balancing resource. The forwarded traffic must - This target must be a global load balancing resource. The forwarded traffic
be of a type appropriate to the target object. must be of a type appropriate to the target object.
- 'Valid types: HTTP_PROXY, HTTPS_PROXY, SSL_PROXY, TCP_PROXY .' - 'Valid types: HTTP_PROXY, HTTPS_PROXY, SSL_PROXY, TCP_PROXY .'
returned: success returned: success
type: str type: str
@ -217,7 +219,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

209
plugins/modules/gcp_compute_health_check.py
View file

@ -52,13 +52,15 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
check_interval_sec: check_interval_sec:
description: description:
- How often (in seconds) to send a health check. The default value is 5 seconds. - How often (in seconds) to send a health check. The default value is 5 seconds.
required: false required: false
default: 5 default: '5'
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -66,40 +68,45 @@ options:
required: false required: false
healthy_threshold: healthy_threshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
required: false required: false
default: 2 default: '2'
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
timeout_sec: timeout_sec:
description: description:
- How long (in seconds) to wait before claiming failure. - How long (in seconds) to wait before claiming failure.
- The default value is 5 seconds. It is invalid for timeoutSec to have greater value - The default value is 5 seconds. It is invalid for timeoutSec to have greater
than checkIntervalSec. value than checkIntervalSec.
required: false required: false
default: 5 default: '5'
aliases: [timeout_seconds] aliases:
- timeout_seconds
unhealthy_threshold: unhealthy_threshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
required: false required: false
default: 2 default: '2'
type: type:
description: description:
- Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, - Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not
the default is TCP. Exactly one of the protocol-specific health check field must specified, the default is TCP. Exactly one of the protocol-specific health check
be specified, which must match type field. field must be specified, which must match type field.
required: false required: false
choices: ['TCP', 'SSL', 'HTTP', 'HTTPS'] choices:
- TCP
- SSL
- HTTP
- HTTPS
http_health_check: http_health_check:
description: description:
- A nested object resource. - A nested object resource.
@ -108,15 +115,15 @@ options:
host: host:
description: description:
- The value of the host header in the HTTP health check request. - The value of the host header in the HTTP health check request.
- If left empty (default value), the public IP on behalf of which this health check - If left empty (default value), the public IP on behalf of which this health
is performed will be used. check is performed will be used.
required: false required: false
request_path: request_path:
description: description:
- The request path of the HTTP health check request. - The request path of the HTTP health check request.
- The default value is /. - The default value is /.
required: false required: false
default: / default: "/"
port: port:
description: description:
- The TCP port number for the HTTP health check request. - The TCP port number for the HTTP health check request.
@ -129,11 +136,13 @@ options:
required: false required: false
proxy_header: proxy_header:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
required: false required: false
default: NONE default: NONE
choices: ['NONE', 'PROXY_V1'] choices:
- NONE
- PROXY_V1
https_health_check: https_health_check:
description: description:
- A nested object resource. - A nested object resource.
@ -142,15 +151,15 @@ options:
host: host:
description: description:
- The value of the host header in the HTTPS health check request. - The value of the host header in the HTTPS health check request.
- If left empty (default value), the public IP on behalf of which this health check - If left empty (default value), the public IP on behalf of which this health
is performed will be used. check is performed will be used.
required: false required: false
request_path: request_path:
description: description:
- The request path of the HTTPS health check request. - The request path of the HTTPS health check request.
- The default value is /. - The default value is /.
required: false required: false
default: / default: "/"
port: port:
description: description:
- The TCP port number for the HTTPS health check request. - The TCP port number for the HTTPS health check request.
@ -163,11 +172,13 @@ options:
required: false required: false
proxy_header: proxy_header:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
required: false required: false
default: NONE default: NONE
choices: ['NONE', 'PROXY_V1'] choices:
- NONE
- PROXY_V1
tcp_health_check: tcp_health_check:
description: description:
- A nested object resource. - A nested object resource.
@ -175,15 +186,15 @@ options:
suboptions: suboptions:
request: request:
description: description:
- The application data to send once the TCP connection has been established (default - The application data to send once the TCP connection has been established
value is empty). If both request and response are empty, the connection establishment (default value is empty). If both request and response are empty, the connection
alone will indicate health. The request data can only be ASCII. establishment alone will indicate health. The request data can only be ASCII.
required: false required: false
response: response:
description: description:
- The bytes to match against the beginning of the response data. If left empty (the - The bytes to match against the beginning of the response data. If left empty
default value), any response will indicate health. The response data can only be (the default value), any response will indicate health. The response data
ASCII. can only be ASCII.
required: false required: false
port: port:
description: description:
@ -197,11 +208,13 @@ options:
required: false required: false
proxy_header: proxy_header:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
required: false required: false
default: NONE default: NONE
choices: ['NONE', 'PROXY_V1'] choices:
- NONE
- PROXY_V1
ssl_health_check: ssl_health_check:
description: description:
- A nested object resource. - A nested object resource.
@ -209,15 +222,15 @@ options:
suboptions: suboptions:
request: request:
description: description:
- The application data to send once the SSL connection has been established (default - The application data to send once the SSL connection has been established
value is empty). If both request and response are empty, the connection establishment (default value is empty). If both request and response are empty, the connection
alone will indicate health. The request data can only be ASCII. establishment alone will indicate health. The request data can only be ASCII.
required: false required: false
response: response:
description: description:
- The bytes to match against the beginning of the response data. If left empty (the - The bytes to match against the beginning of the response data. If left empty
default value), any response will indicate health. The response data can only be (the default value), any response will indicate health. The response data
ASCII. can only be ASCII.
required: false required: false
port: port:
description: description:
@ -231,15 +244,17 @@ options:
required: false required: false
proxy_header: proxy_header:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
required: false required: false
default: NONE default: NONE
choices: ['NONE', 'PROXY_V1'] choices:
- NONE
- PROXY_V1
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/latest/healthChecks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/latest/healthChecks)'
- "Official Documentation: U(https://cloud.google.com/load-balancing/docs/health-checks)" - 'Official Documentation: U(https://cloud.google.com/load-balancing/docs/health-checks)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -279,8 +294,8 @@ RETURN = '''
type: str type: str
healthyThreshold: healthyThreshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
returned: success returned: success
type: int type: int
id: id:
@ -290,12 +305,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
timeoutSec: timeoutSec:
@ -307,15 +322,15 @@ RETURN = '''
type: int type: int
unhealthyThreshold: unhealthyThreshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
returned: success returned: success
type: int type: int
type: type:
description: description:
- Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, - Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not
the default is TCP. Exactly one of the protocol-specific health check field must specified, the default is TCP. Exactly one of the protocol-specific health check
be specified, which must match type field. field must be specified, which must match type field.
returned: success returned: success
type: str type: str
httpHealthCheck: httpHealthCheck:
@ -327,8 +342,8 @@ RETURN = '''
host: host:
description: description:
- The value of the host header in the HTTP health check request. - The value of the host header in the HTTP health check request.
- If left empty (default value), the public IP on behalf of which this health check - If left empty (default value), the public IP on behalf of which this health
is performed will be used. check is performed will be used.
returned: success returned: success
type: str type: str
requestPath: requestPath:
@ -364,8 +379,8 @@ RETURN = '''
host: host:
description: description:
- The value of the host header in the HTTPS health check request. - The value of the host header in the HTTPS health check request.
- If left empty (default value), the public IP on behalf of which this health check - If left empty (default value), the public IP on behalf of which this health
is performed will be used. check is performed will be used.
returned: success returned: success
type: str type: str
requestPath: requestPath:
@ -400,16 +415,16 @@ RETURN = '''
contains: contains:
request: request:
description: description:
- The application data to send once the TCP connection has been established (default - The application data to send once the TCP connection has been established
value is empty). If both request and response are empty, the connection establishment (default value is empty). If both request and response are empty, the connection
alone will indicate health. The request data can only be ASCII. establishment alone will indicate health. The request data can only be ASCII.
returned: success returned: success
type: str type: str
response: response:
description: description:
- The bytes to match against the beginning of the response data. If left empty (the - The bytes to match against the beginning of the response data. If left empty
default value), any response will indicate health. The response data can only be (the default value), any response will indicate health. The response data
ASCII. can only be ASCII.
returned: success returned: success
type: str type: str
port: port:
@ -438,16 +453,16 @@ RETURN = '''
contains: contains:
request: request:
description: description:
- The application data to send once the SSL connection has been established (default - The application data to send once the SSL connection has been established
value is empty). If both request and response are empty, the connection establishment (default value is empty). If both request and response are empty, the connection
alone will indicate health. The request data can only be ASCII. establishment alone will indicate health. The request data can only be ASCII.
returned: success returned: success
type: str type: str
response: response:
description: description:
- The bytes to match against the beginning of the response data. If left empty (the - The bytes to match against the beginning of the response data. If left empty
default value), any response will indicate health. The response data can only be (the default value), any response will indicate health. The response data
ASCII. can only be ASCII.
returned: success returned: success
type: str type: str
port: port:
@ -583,10 +598,10 @@ def resource_to_request(module):
u'timeoutSec': module.params.get('timeout_sec'), u'timeoutSec': module.params.get('timeout_sec'),
u'unhealthyThreshold': module.params.get('unhealthy_threshold'), u'unhealthyThreshold': module.params.get('unhealthy_threshold'),
u'type': module.params.get('type'), u'type': module.params.get('type'),
u'httpHealthCheck': HealthCheckHttpHealthCheck(module.params.get('http_health_check', {}), module).to_request(), u'httpHealthCheck': HealthCheckHttphealthcheck(module.params.get('http_health_check', {}), module).to_request(),
u'httpsHealthCheck': HealthCheckHttpsHealthCheck(module.params.get('https_health_check', {}), module).to_request(), u'httpsHealthCheck': HealthCheckHttpshealthcheck(module.params.get('https_health_check', {}), module).to_request(),
u'tcpHealthCheck': HealthCheckTcpHealthCheck(module.params.get('tcp_health_check', {}), module).to_request(), u'tcpHealthCheck': HealthCheckTcphealthcheck(module.params.get('tcp_health_check', {}), module).to_request(),
u'sslHealthCheck': HealthCheckSslHealthCheck(module.params.get('ssl_health_check', {}), module).to_request() u'sslHealthCheck': HealthCheckSslhealthcheck(module.params.get('ssl_health_check', {}), module).to_request()
} }
return_vals = {} return_vals = {}
for k, v in request.items(): for k, v in request.items():
@ -661,10 +676,10 @@ def response_to_hash(module, response):
u'timeoutSec': response.get(u'timeoutSec'), u'timeoutSec': response.get(u'timeoutSec'),
u'unhealthyThreshold': response.get(u'unhealthyThreshold'), u'unhealthyThreshold': response.get(u'unhealthyThreshold'),
u'type': response.get(u'type'), u'type': response.get(u'type'),
u'httpHealthCheck': HealthCheckHttpHealthCheck(response.get(u'httpHealthCheck', {}), module).from_response(), u'httpHealthCheck': HealthCheckHttphealthcheck(response.get(u'httpHealthCheck', {}), module).from_response(),
u'httpsHealthCheck': HealthCheckHttpsHealthCheck(response.get(u'httpsHealthCheck', {}), module).from_response(), u'httpsHealthCheck': HealthCheckHttpshealthcheck(response.get(u'httpsHealthCheck', {}), module).from_response(),
u'tcpHealthCheck': HealthCheckTcpHealthCheck(response.get(u'tcpHealthCheck', {}), module).from_response(), u'tcpHealthCheck': HealthCheckTcphealthcheck(response.get(u'tcpHealthCheck', {}), module).from_response(),
u'sslHealthCheck': HealthCheckSslHealthCheck(response.get(u'sslHealthCheck', {}), module).from_response() u'sslHealthCheck': HealthCheckSslhealthcheck(response.get(u'sslHealthCheck', {}), module).from_response()
} }
@ -692,8 +707,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -705,7 +718,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class HealthCheckHttpHealthCheck(object): class HealthCheckHttphealthcheck(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -732,7 +745,7 @@ class HealthCheckHttpHealthCheck(object):
}) })
class HealthCheckHttpsHealthCheck(object): class HealthCheckHttpshealthcheck(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -759,7 +772,7 @@ class HealthCheckHttpsHealthCheck(object):
}) })
class HealthCheckTcpHealthCheck(object): class HealthCheckTcphealthcheck(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -786,7 +799,7 @@ class HealthCheckTcpHealthCheck(object):
}) })
class HealthCheckSslHealthCheck(object): class HealthCheckSslhealthcheck(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

108
plugins/modules/gcp_compute_health_check_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -84,43 +83,44 @@ items:
type: str type: str
healthyThreshold: healthyThreshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
returned: success returned: success
type: int type: int
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
timeoutSec: timeoutSec:
description: description:
- How long (in seconds) to wait before claiming failure. - How long (in seconds) to wait before claiming failure.
- The default value is 5 seconds. It is invalid for timeoutSec to have greater value - The default value is 5 seconds. It is invalid for timeoutSec to have greater
than checkIntervalSec. value than checkIntervalSec.
returned: success returned: success
type: int type: int
unhealthyThreshold: unhealthyThreshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
returned: success returned: success
type: int type: int
type: type:
description: description:
- Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, - Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If
the default is TCP. Exactly one of the protocol-specific health check field must not specified, the default is TCP. Exactly one of the protocol-specific health
be specified, which must match type field. check field must be specified, which must match type field.
returned: success returned: success
type: str type: str
httpHealthCheck: httpHealthCheck:
@ -132,8 +132,8 @@ items:
host: host:
description: description:
- The value of the host header in the HTTP health check request. - The value of the host header in the HTTP health check request.
- If left empty (default value), the public IP on behalf of which this health check - If left empty (default value), the public IP on behalf of which this health
is performed will be used. check is performed will be used.
returned: success returned: success
type: str type: str
requestPath: requestPath:
@ -150,14 +150,14 @@ items:
type: int type: int
portName: portName:
description: description:
- Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name - Port name as defined in InstanceGroup#NamedPort#name. If both port and
are defined, port takes precedence. port_name are defined, port takes precedence.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
returned: success returned: success
type: str type: str
httpsHealthCheck: httpsHealthCheck:
@ -169,8 +169,8 @@ items:
host: host:
description: description:
- The value of the host header in the HTTPS health check request. - The value of the host header in the HTTPS health check request.
- If left empty (default value), the public IP on behalf of which this health check - If left empty (default value), the public IP on behalf of which this health
is performed will be used. check is performed will be used.
returned: success returned: success
type: str type: str
requestPath: requestPath:
@ -187,14 +187,14 @@ items:
type: int type: int
portName: portName:
description: description:
- Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name - Port name as defined in InstanceGroup#NamedPort#name. If both port and
are defined, port takes precedence. port_name are defined, port takes precedence.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
returned: success returned: success
type: str type: str
tcpHealthCheck: tcpHealthCheck:
@ -205,16 +205,17 @@ items:
contains: contains:
request: request:
description: description:
- The application data to send once the TCP connection has been established (default - The application data to send once the TCP connection has been established
value is empty). If both request and response are empty, the connection establishment (default value is empty). If both request and response are empty, the
alone will indicate health. The request data can only be ASCII. connection establishment alone will indicate health. The request data
can only be ASCII.
returned: success returned: success
type: str type: str
response: response:
description: description:
- The bytes to match against the beginning of the response data. If left empty (the - The bytes to match against the beginning of the response data. If left
default value), any response will indicate health. The response data can only be empty (the default value), any response will indicate health. The response
ASCII. data can only be ASCII.
returned: success returned: success
type: str type: str
port: port:
@ -225,14 +226,14 @@ items:
type: int type: int
portName: portName:
description: description:
- Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name - Port name as defined in InstanceGroup#NamedPort#name. If both port and
are defined, port takes precedence. port_name are defined, port takes precedence.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
returned: success returned: success
type: str type: str
sslHealthCheck: sslHealthCheck:
@ -243,16 +244,17 @@ items:
contains: contains:
request: request:
description: description:
- The application data to send once the SSL connection has been established (default - The application data to send once the SSL connection has been established
value is empty). If both request and response are empty, the connection establishment (default value is empty). If both request and response are empty, the
alone will indicate health. The request data can only be ASCII. connection establishment alone will indicate health. The request data
can only be ASCII.
returned: success returned: success
type: str type: str
response: response:
description: description:
- The bytes to match against the beginning of the response data. If left empty (the - The bytes to match against the beginning of the response data. If left
default value), any response will indicate health. The response data can only be empty (the default value), any response will indicate health. The response
ASCII. data can only be ASCII.
returned: success returned: success
type: str type: str
port: port:
@ -263,14 +265,14 @@ items:
type: int type: int
portName: portName:
description: description:
- Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name - Port name as defined in InstanceGroup#NamedPort#name. If both port and
are defined, port takes precedence. port_name are defined, port takes precedence.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the
either NONE or PROXY_V1. The default is NONE. backend, either NONE or PROXY_V1. The default is NONE.
returned: success returned: success
type: str type: str
''' '''
@ -293,7 +295,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

70
plugins/modules/gcp_compute_http_health_check.py
View file

@ -45,14 +45,17 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
check_interval_sec: check_interval_sec:
description: description:
- How often (in seconds) to send a health check. The default value is 5 seconds. - How often (in seconds) to send a health check. The default value is 5 seconds.
required: false required: false
default: 5 default: '5'
aliases: [check_interval_seconds] aliases:
- check_interval_seconds
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -60,23 +63,23 @@ options:
required: false required: false
healthy_threshold: healthy_threshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
required: false required: false
host: host:
description: description:
- The value of the host header in the HTTP health check request. If left empty (default - The value of the host header in the HTTP health check request. If left empty
value), the public IP on behalf of which this health check is performed will be (default value), the public IP on behalf of which this health check is performed
used. will be used.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
port: port:
description: description:
@ -91,19 +94,20 @@ options:
timeout_sec: timeout_sec:
description: description:
- How long (in seconds) to wait before claiming failure. - How long (in seconds) to wait before claiming failure.
- The default value is 5 seconds. It is invalid for timeoutSec to have greater value - The default value is 5 seconds. It is invalid for timeoutSec to have greater
than checkIntervalSec. value than checkIntervalSec.
required: false required: false
aliases: [timeout_seconds] aliases:
- timeout_seconds
unhealthy_threshold: unhealthy_threshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/httpHealthChecks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/httpHealthChecks)'
- "Adding Health Checks: U(https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks)" - 'Adding Health Checks: U(https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -139,8 +143,8 @@ RETURN = '''
type: str type: str
healthyThreshold: healthyThreshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
returned: success returned: success
type: int type: int
host: host:
@ -157,12 +161,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
port: port:
@ -186,8 +190,8 @@ RETURN = '''
type: int type: int
unhealthyThreshold: unhealthyThreshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
returned: success returned: success
type: int type: int
''' '''
@ -384,8 +388,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

42
plugins/modules/gcp_compute_http_health_check_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -84,30 +83,31 @@ items:
type: str type: str
healthyThreshold: healthyThreshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
returned: success returned: success
type: int type: int
host: host:
description: description:
- The value of the host header in the HTTP health check request. If left empty (default - The value of the host header in the HTTP health check request. If left empty
value), the public IP on behalf of which this health check is performed will be (default value), the public IP on behalf of which this health check is performed
used. will be used.
returned: success returned: success
type: str type: str
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
port: port:
@ -125,14 +125,14 @@ items:
timeoutSec: timeoutSec:
description: description:
- How long (in seconds) to wait before claiming failure. - How long (in seconds) to wait before claiming failure.
- The default value is 5 seconds. It is invalid for timeoutSec to have greater value - The default value is 5 seconds. It is invalid for timeoutSec to have greater
than checkIntervalSec. value than checkIntervalSec.
returned: success returned: success
type: int type: int
unhealthyThreshold: unhealthyThreshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
returned: success returned: success
type: int type: int
''' '''
@ -155,7 +155,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

71
plugins/modules/gcp_compute_https_health_check.py
View file

@ -45,8 +45,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
check_interval_sec: check_interval_sec:
description: description:
- How often (in seconds) to send a health check. The default value is 5 seconds. - How often (in seconds) to send a health check. The default value is 5 seconds.
@ -58,23 +60,23 @@ options:
required: false required: false
healthy_threshold: healthy_threshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
required: false required: false
host: host:
description: description:
- The value of the host header in the HTTPS health check request. If left empty (default - The value of the host header in the HTTPS health check request. If left empty
value), the public IP on behalf of which this health check is performed will be (default value), the public IP on behalf of which this health check is performed
used. will be used.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
port: port:
description: description:
@ -89,19 +91,20 @@ options:
timeout_sec: timeout_sec:
description: description:
- How long (in seconds) to wait before claiming failure. - How long (in seconds) to wait before claiming failure.
- The default value is 5 seconds. It is invalid for timeoutSec to have greater value - The default value is 5 seconds. It is invalid for timeoutSec to have greater
than checkIntervalSec. value than checkIntervalSec.
required: false required: false
aliases: [timeout_seconds] aliases:
- timeout_seconds
unhealthy_threshold: unhealthy_threshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/httpsHealthChecks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/httpsHealthChecks)'
- "Adding Health Checks: U(https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks)" - 'Adding Health Checks: U(https://cloud.google.com/compute/docs/load-balancing/health-checks#legacy_health_checks)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -137,15 +140,15 @@ RETURN = '''
type: str type: str
healthyThreshold: healthyThreshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
returned: success returned: success
type: int type: int
host: host:
description: description:
- The value of the host header in the HTTPS health check request. If left empty (default - The value of the host header in the HTTPS health check request. If left empty
value), the public IP on behalf of which this health check is performed will be (default value), the public IP on behalf of which this health check is performed
used. will be used.
returned: success returned: success
type: str type: str
id: id:
@ -155,12 +158,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
port: port:
@ -184,8 +187,8 @@ RETURN = '''
type: int type: int
unhealthyThreshold: unhealthyThreshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
returned: success returned: success
type: int type: int
''' '''
@ -382,8 +385,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

42
plugins/modules/gcp_compute_https_health_check_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -84,30 +83,31 @@ items:
type: str type: str
healthyThreshold: healthyThreshold:
description: description:
- A so-far unhealthy instance will be marked healthy after this many consecutive successes. - A so-far unhealthy instance will be marked healthy after this many consecutive
The default value is 2. successes. The default value is 2.
returned: success returned: success
type: int type: int
host: host:
description: description:
- The value of the host header in the HTTPS health check request. If left empty (default - The value of the host header in the HTTPS health check request. If left empty
value), the public IP on behalf of which this health check is performed will be (default value), the public IP on behalf of which this health check is performed
used. will be used.
returned: success returned: success
type: str type: str
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
port: port:
@ -125,14 +125,14 @@ items:
timeoutSec: timeoutSec:
description: description:
- How long (in seconds) to wait before claiming failure. - How long (in seconds) to wait before claiming failure.
- The default value is 5 seconds. It is invalid for timeoutSec to have greater value - The default value is 5 seconds. It is invalid for timeoutSec to have greater
than checkIntervalSec. value than checkIntervalSec.
returned: success returned: success
type: int type: int
unhealthyThreshold: unhealthyThreshold:
description: description:
- A so-far healthy instance will be marked unhealthy after this many consecutive failures. - A so-far healthy instance will be marked unhealthy after this many consecutive
The default value is 2. failures. The default value is 2.
returned: success returned: success
type: int type: int
''' '''
@ -155,7 +155,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

229
plugins/modules/gcp_compute_image.py
View file

@ -54,8 +54,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -67,18 +69,18 @@ options:
required: false required: false
family: family:
description: description:
- The name of the image family to which this image belongs. You can create disks by - The name of the image family to which this image belongs. You can create disks
specifying an image family instead of a specific image name. The image family always by specifying an image family instead of a specific image name. The image family
returns its latest image that is not deprecated. The name of the image family must always returns its latest image that is not deprecated. The name of the image
comply with RFC1035. family must comply with RFC1035.
required: false required: false
guest_os_features: guest_os_features:
description: description:
- A list of features to enable on the guest OS. Applicable for bootable images only. - A list of features to enable on the guest OS. Applicable for bootable images
Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which allows only. Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which
each virtual CPU to have its own queue. For Windows images, you can only enable allows each virtual CPU to have its own queue. For Windows images, you can only
VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux enable VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher.
images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE.
- For new Windows images, the server might also populate this field with the value - For new Windows images, the server might also populate this field with the value
WINDOWS, to indicate that this is a Windows image. WINDOWS, to indicate that this is a Windows image.
- This value is purely informational and does not enable or disable any features. - This value is purely informational and does not enable or disable any features.
@ -87,27 +89,28 @@ options:
type: type:
description: description:
- The type of supported feature. Currenty only VIRTIO_SCSI_MULTIQUEUE is supported. - The type of supported feature. Currenty only VIRTIO_SCSI_MULTIQUEUE is supported.
For newer Windows images, the server might also populate this property with the For newer Windows images, the server might also populate this property with
value WINDOWS to indicate that this is a Windows image. This value is purely informational the value WINDOWS to indicate that this is a Windows image. This value is
and does not enable or disable any features. purely informational and does not enable or disable any features.
required: false required: false
choices: ['VIRTIO_SCSI_MULTIQUEUE'] choices:
- VIRTIO_SCSI_MULTIQUEUE
image_encryption_key: image_encryption_key:
description: description:
- Encrypts the image using a customer-supplied encryption key. - Encrypts the image using a customer-supplied encryption key.
- After you encrypt an image with a customer-supplied key, you must provide the same - After you encrypt an image with a customer-supplied key, you must provide the
key if you use the image later (e.g. to create a disk from the image) . same key if you use the image later (e.g. to create a disk from the image) .
required: false required: false
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
licenses: licenses:
description: description:
@ -115,12 +118,12 @@ options:
required: false required: false
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
raw_disk: raw_disk:
description: description:
@ -129,11 +132,12 @@ options:
suboptions: suboptions:
container_type: container_type:
description: description:
- The format used to encode and transmit the block device, which should be TAR. This - The format used to encode and transmit the block device, which should be
is just a container and transmission format and not a runtime format. Provided by TAR. This is just a container and transmission format and not a runtime
the client when the disk image is created. format. Provided by the client when the disk image is created.
required: false required: false
choices: ['TAR'] choices:
- TAR
sha1_checksum: sha1_checksum:
description: description:
- An optional SHA1 checksum of the disk image before unpackaging. - An optional SHA1 checksum of the disk image before unpackaging.
@ -141,18 +145,18 @@ options:
required: false required: false
source: source:
description: description:
- The full Google Cloud Storage URL where disk storage is stored You must provide - The full Google Cloud Storage URL where disk storage is stored You must
either this property or the sourceDisk property but not both. provide either this property or the sourceDisk property but not both.
required: false required: false
source_disk: source_disk:
description: description:
- Refers to a gcompute_disk object You must provide either this property or the rawDisk.source - Refers to a gcompute_disk object You must provide either this property or the
property but not both to create an image. rawDisk.source property but not both to create an image.
- 'This field represents a link to a Disk resource in GCP. It can be specified in - 'This field represents a link to a Disk resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_compute_disk task and in two ways. You can add `register: name-of-resource` to a gcp_compute_disk
then set this source_disk field to "{{ name-of-resource }}" Alternatively, you can task and then set this source_disk field to "{{ name-of-resource }}" Alternatively,
set this source_disk to a dictionary with the selfLink key where the value is the you can set this source_disk to a dictionary with the selfLink key where the
selfLink of your Disk.' value is the selfLink of your Disk'
required: false required: false
source_disk_encryption_key: source_disk_encryption_key:
description: description:
@ -162,26 +166,27 @@ options:
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
source_disk_id: source_disk_id:
description: description:
- The ID value of the disk used to create this image. This value may be used to determine - The ID value of the disk used to create this image. This value may be used to
whether the image was taken from the current or a previous instance of a given disk determine whether the image was taken from the current or a previous instance
name. of a given disk name.
required: false required: false
source_type: source_type:
description: description:
- The type of the image used to create this disk. The default and only value is RAW - The type of the image used to create this disk. The default and only value is
. RAW .
required: false required: false
choices: ['RAW'] choices:
- RAW
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -225,39 +230,39 @@ RETURN = '''
contains: contains:
deleted: deleted:
description: description:
- An optional RFC3339 timestamp on or after which the state of this resource is intended - An optional RFC3339 timestamp on or after which the state of this resource
to change to DELETED. This is only informational and the status will not change is intended to change to DELETED. This is only informational and the status
unless the client explicitly changes it. will not change unless the client explicitly changes it.
returned: success returned: success
type: str type: str
deprecated: deprecated:
description: description:
- An optional RFC3339 timestamp on or after which the state of this resource is intended - An optional RFC3339 timestamp on or after which the state of this resource
to change to DEPRECATED. This is only informational and the status will not change is intended to change to DEPRECATED. This is only informational and the status
unless the client explicitly changes it. will not change unless the client explicitly changes it.
returned: success returned: success
type: str type: str
obsolete: obsolete:
description: description:
- An optional RFC3339 timestamp on or after which the state of this resource is intended - An optional RFC3339 timestamp on or after which the state of this resource
to change to OBSOLETE. This is only informational and the status will not change is intended to change to OBSOLETE. This is only informational and the status
unless the client explicitly changes it. will not change unless the client explicitly changes it.
returned: success returned: success
type: str type: str
replacement: replacement:
description: description:
- The URL of the suggested replacement for a deprecated resource. - The URL of the suggested replacement for a deprecated resource.
- The suggested replacement resource must be the same kind of resource as the deprecated - The suggested replacement resource must be the same kind of resource as the
resource. deprecated resource.
returned: success returned: success
type: str type: str
state: state:
description: description:
- The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. - The deprecation state of this resource. This can be DEPRECATED, OBSOLETE,
Operations which create a new resource using a DEPRECATED resource will return successfully, or DELETED. Operations which create a new resource using a DEPRECATED resource
but with a warning indicating the deprecated resource and recommending its replacement. will return successfully, but with a warning indicating the deprecated resource
Operations which use OBSOLETE or DELETED resources will be rejected and result in and recommending its replacement. Operations which use OBSOLETE or DELETED
an error. resources will be rejected and result in an error.
returned: success returned: success
type: str type: str
description: description:
@ -273,10 +278,10 @@ RETURN = '''
type: int type: int
family: family:
description: description:
- The name of the image family to which this image belongs. You can create disks by - The name of the image family to which this image belongs. You can create disks
specifying an image family instead of a specific image name. The image family always by specifying an image family instead of a specific image name. The image family
returns its latest image that is not deprecated. The name of the image family must always returns its latest image that is not deprecated. The name of the image
comply with RFC1035. family must comply with RFC1035.
returned: success returned: success
type: str type: str
guestOsFeatures: guestOsFeatures:
@ -295,9 +300,9 @@ RETURN = '''
type: type:
description: description:
- The type of supported feature. Currenty only VIRTIO_SCSI_MULTIQUEUE is supported. - The type of supported feature. Currenty only VIRTIO_SCSI_MULTIQUEUE is supported.
For newer Windows images, the server might also populate this property with the For newer Windows images, the server might also populate this property with
value WINDOWS to indicate that this is a Windows image. This value is purely informational the value WINDOWS to indicate that this is a Windows image. This value is
and does not enable or disable any features. purely informational and does not enable or disable any features.
returned: success returned: success
type: str type: str
id: id:
@ -308,21 +313,21 @@ RETURN = '''
imageEncryptionKey: imageEncryptionKey:
description: description:
- Encrypts the image using a customer-supplied encryption key. - Encrypts the image using a customer-supplied encryption key.
- After you encrypt an image with a customer-supplied key, you must provide the same - After you encrypt an image with a customer-supplied key, you must provide the
key if you use the image later (e.g. to create a disk from the image) . same key if you use the image later (e.g. to create a disk from the image) .
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
licenses: licenses:
@ -332,12 +337,12 @@ RETURN = '''
type: list type: list
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
rawDisk: rawDisk:
@ -348,9 +353,9 @@ RETURN = '''
contains: contains:
containerType: containerType:
description: description:
- The format used to encode and transmit the block device, which should be TAR. This - The format used to encode and transmit the block device, which should be TAR.
is just a container and transmission format and not a runtime format. Provided by This is just a container and transmission format and not a runtime format.
the client when the disk image is created. Provided by the client when the disk image is created.
returned: success returned: success
type: str type: str
sha1Checksum: sha1Checksum:
@ -367,8 +372,8 @@ RETURN = '''
type: str type: str
sourceDisk: sourceDisk:
description: description:
- Refers to a gcompute_disk object You must provide either this property or the rawDisk.source - Refers to a gcompute_disk object You must provide either this property or the
property but not both to create an image. rawDisk.source property but not both to create an image.
returned: success returned: success
type: dict type: dict
sourceDiskEncryptionKey: sourceDiskEncryptionKey:
@ -380,27 +385,27 @@ RETURN = '''
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceDiskId: sourceDiskId:
description: description:
- The ID value of the disk used to create this image. This value may be used to determine - The ID value of the disk used to create this image. This value may be used to
whether the image was taken from the current or a previous instance of a given disk determine whether the image was taken from the current or a previous instance
name. of a given disk name.
returned: success returned: success
type: str type: str
sourceType: sourceType:
description: description:
- The type of the image used to create this disk. The default and only value is RAW - The type of the image used to create this disk. The default and only value is
. RAW .
returned: success returned: success
type: str type: str
''' '''
@ -503,13 +508,13 @@ def resource_to_request(module):
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'diskSizeGb': module.params.get('disk_size_gb'), u'diskSizeGb': module.params.get('disk_size_gb'),
u'family': module.params.get('family'), u'family': module.params.get('family'),
u'guestOsFeatures': ImageGuestOsFeaturesArray(module.params.get('guest_os_features', []), module).to_request(), u'guestOsFeatures': ImageGuestosfeaturesArray(module.params.get('guest_os_features', []), module).to_request(),
u'imageEncryptionKey': ImageImageEncryptionKey(module.params.get('image_encryption_key', {}), module).to_request(), u'imageEncryptionKey': ImageImageencryptionkey(module.params.get('image_encryption_key', {}), module).to_request(),
u'licenses': module.params.get('licenses'), u'licenses': module.params.get('licenses'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'rawDisk': ImageRawDisk(module.params.get('raw_disk', {}), module).to_request(), u'rawDisk': ImageRawdisk(module.params.get('raw_disk', {}), module).to_request(),
u'sourceDisk': replace_resource_dict(module.params.get(u'source_disk', {}), 'selfLink'), u'sourceDisk': replace_resource_dict(module.params.get(u'source_disk', {}), 'selfLink'),
u'sourceDiskEncryptionKey': ImageSourceDiskEncryptionKey(module.params.get('source_disk_encryption_key', {}), module).to_request(), u'sourceDiskEncryptionKey': ImageSourcediskencryptionkey(module.params.get('source_disk_encryption_key', {}), module).to_request(),
u'sourceDiskId': module.params.get('source_disk_id'), u'sourceDiskId': module.params.get('source_disk_id'),
u'sourceType': module.params.get('source_type') u'sourceType': module.params.get('source_type')
} }
@ -583,14 +588,14 @@ def response_to_hash(module, response):
u'description': response.get(u'description'), u'description': response.get(u'description'),
u'diskSizeGb': response.get(u'diskSizeGb'), u'diskSizeGb': response.get(u'diskSizeGb'),
u'family': response.get(u'family'), u'family': response.get(u'family'),
u'guestOsFeatures': ImageGuestOsFeaturesArray(response.get(u'guestOsFeatures', []), module).from_response(), u'guestOsFeatures': ImageGuestosfeaturesArray(response.get(u'guestOsFeatures', []), module).from_response(),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'imageEncryptionKey': ImageImageEncryptionKey(response.get(u'imageEncryptionKey', {}), module).from_response(), u'imageEncryptionKey': ImageImageencryptionkey(response.get(u'imageEncryptionKey', {}), module).from_response(),
u'licenses': response.get(u'licenses'), u'licenses': response.get(u'licenses'),
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'rawDisk': ImageRawDisk(response.get(u'rawDisk', {}), module).from_response(), u'rawDisk': ImageRawdisk(response.get(u'rawDisk', {}), module).from_response(),
u'sourceDisk': response.get(u'sourceDisk'), u'sourceDisk': response.get(u'sourceDisk'),
u'sourceDiskEncryptionKey': ImageSourceDiskEncryptionKey(response.get(u'sourceDiskEncryptionKey', {}), module).from_response(), u'sourceDiskEncryptionKey': ImageSourcediskencryptionkey(response.get(u'sourceDiskEncryptionKey', {}), module).from_response(),
u'sourceDiskId': response.get(u'sourceDiskId'), u'sourceDiskId': response.get(u'sourceDiskId'),
u'sourceType': response.get(u'sourceType') u'sourceType': response.get(u'sourceType')
} }
@ -620,8 +625,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -660,7 +663,7 @@ class ImageDeprecated(object):
}) })
class ImageGuestOsFeaturesArray(object): class ImageGuestosfeaturesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -691,7 +694,7 @@ class ImageGuestOsFeaturesArray(object):
}) })
class ImageImageEncryptionKey(object): class ImageImageencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -712,7 +715,7 @@ class ImageImageEncryptionKey(object):
}) })
class ImageRawDisk(object): class ImageRawdisk(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -735,7 +738,7 @@ class ImageRawDisk(object):
}) })
class ImageSourceDiskEncryptionKey(object): class ImageSourcediskencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

133
plugins/modules/gcp_compute_image_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -84,39 +83,39 @@ items:
contains: contains:
deleted: deleted:
description: description:
- An optional RFC3339 timestamp on or after which the state of this resource is intended - An optional RFC3339 timestamp on or after which the state of this resource
to change to DELETED. This is only informational and the status will not change is intended to change to DELETED. This is only informational and the status
unless the client explicitly changes it. will not change unless the client explicitly changes it.
returned: success returned: success
type: str type: str
deprecated: deprecated:
description: description:
- An optional RFC3339 timestamp on or after which the state of this resource is intended - An optional RFC3339 timestamp on or after which the state of this resource
to change to DEPRECATED. This is only informational and the status will not change is intended to change to DEPRECATED. This is only informational and the
unless the client explicitly changes it. status will not change unless the client explicitly changes it.
returned: success returned: success
type: str type: str
obsolete: obsolete:
description: description:
- An optional RFC3339 timestamp on or after which the state of this resource is intended - An optional RFC3339 timestamp on or after which the state of this resource
to change to OBSOLETE. This is only informational and the status will not change is intended to change to OBSOLETE. This is only informational and the
unless the client explicitly changes it. status will not change unless the client explicitly changes it.
returned: success returned: success
type: str type: str
replacement: replacement:
description: description:
- The URL of the suggested replacement for a deprecated resource. - The URL of the suggested replacement for a deprecated resource.
- The suggested replacement resource must be the same kind of resource as the deprecated - The suggested replacement resource must be the same kind of resource as
resource. the deprecated resource.
returned: success returned: success
type: str type: str
state: state:
description: description:
- The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. - The deprecation state of this resource. This can be DEPRECATED, OBSOLETE,
Operations which create a new resource using a DEPRECATED resource will return successfully, or DELETED. Operations which create a new resource using a DEPRECATED
but with a warning indicating the deprecated resource and recommending its replacement. resource will return successfully, but with a warning indicating the deprecated
Operations which use OBSOLETE or DELETED resources will be rejected and result in resource and recommending its replacement. Operations which use OBSOLETE
an error. or DELETED resources will be rejected and result in an error.
returned: success returned: success
type: str type: str
description: description:
@ -132,56 +131,60 @@ items:
type: int type: int
family: family:
description: description:
- The name of the image family to which this image belongs. You can create disks by - The name of the image family to which this image belongs. You can create disks
specifying an image family instead of a specific image name. The image family always by specifying an image family instead of a specific image name. The image
returns its latest image that is not deprecated. The name of the image family must family always returns its latest image that is not deprecated. The name of
comply with RFC1035. the image family must comply with RFC1035.
returned: success returned: success
type: str type: str
guestOsFeatures: guestOsFeatures:
description: description:
- A list of features to enable on the guest OS. Applicable for bootable images only. - A list of features to enable on the guest OS. Applicable for bootable images
Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which allows only. Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE,
each virtual CPU to have its own queue. For Windows images, you can only enable which allows each virtual CPU to have its own queue. For Windows images, you
VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux can only enable VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621
images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE. or higher. Linux images with kernel versions 3.17 and higher will support
- For new Windows images, the server might also populate this field with the value VIRTIO_SCSI_MULTIQUEUE.
WINDOWS, to indicate that this is a Windows image. - For new Windows images, the server might also populate this field with the
value WINDOWS, to indicate that this is a Windows image.
- This value is purely informational and does not enable or disable any features. - This value is purely informational and does not enable or disable any features.
returned: success returned: success
type: complex type: complex
contains: contains:
type: type:
description: description:
- The type of supported feature. Currenty only VIRTIO_SCSI_MULTIQUEUE is supported. - The type of supported feature. Currenty only VIRTIO_SCSI_MULTIQUEUE is
For newer Windows images, the server might also populate this property with the supported. For newer Windows images, the server might also populate this
value WINDOWS to indicate that this is a Windows image. This value is purely informational property with the value WINDOWS to indicate that this is a Windows image.
and does not enable or disable any features. This value is purely informational and does not enable or disable any
features.
returned: success returned: success
type: str type: str
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
imageEncryptionKey: imageEncryptionKey:
description: description:
- Encrypts the image using a customer-supplied encryption key. - Encrypts the image using a customer-supplied encryption key.
- After you encrypt an image with a customer-supplied key, you must provide the same - After you encrypt an image with a customer-supplied key, you must provide
key if you use the image later (e.g. to create a disk from the image) . the same key if you use the image later (e.g. to create a disk from the image)
.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
licenses: licenses:
@ -191,12 +194,12 @@ items:
type: list type: list
name: name:
description: description:
- Name of the resource; provided by the client when the resource is created. The name - Name of the resource; provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
rawDisk: rawDisk:
@ -207,9 +210,9 @@ items:
contains: contains:
containerType: containerType:
description: description:
- The format used to encode and transmit the block device, which should be TAR. This - The format used to encode and transmit the block device, which should
is just a container and transmission format and not a runtime format. Provided by be TAR. This is just a container and transmission format and not a runtime
the client when the disk image is created. format. Provided by the client when the disk image is created.
returned: success returned: success
type: str type: str
sha1Checksum: sha1Checksum:
@ -220,14 +223,14 @@ items:
type: str type: str
source: source:
description: description:
- The full Google Cloud Storage URL where disk storage is stored You must provide - The full Google Cloud Storage URL where disk storage is stored You must
either this property or the sourceDisk property but not both. provide either this property or the sourceDisk property but not both.
returned: success returned: success
type: str type: str
sourceDisk: sourceDisk:
description: description:
- Refers to a gcompute_disk object You must provide either this property or the rawDisk.source - Refers to a gcompute_disk object You must provide either this property or
property but not both to create an image. the rawDisk.source property but not both to create an image.
returned: success returned: success
type: dict type: dict
sourceDiskEncryptionKey: sourceDiskEncryptionKey:
@ -239,27 +242,27 @@ items:
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceDiskId: sourceDiskId:
description: description:
- The ID value of the disk used to create this image. This value may be used to determine - The ID value of the disk used to create this image. This value may be used
whether the image was taken from the current or a previous instance of a given disk to determine whether the image was taken from the current or a previous instance
name. of a given disk name.
returned: success returned: success
type: str type: str
sourceType: sourceType:
description: description:
- The type of the image used to create this disk. The default and only value is RAW - The type of the image used to create this disk. The default and only value
. is RAW .
returned: success returned: success
type: str type: str
''' '''
@ -282,7 +285,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

526
plugins/modules/gcp_compute_instance.py
View file

@ -44,39 +44,43 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
can_ip_forward: can_ip_forward:
description: description:
- Allows this instance to send and receive packets with non-matching destination or - Allows this instance to send and receive packets with non-matching destination
source IPs. This is required if you plan to use this instance to forward routes. or source IPs. This is required if you plan to use this instance to forward
routes.
required: false required: false
type: bool type: bool
disks: disks:
description: description:
- An array of disks that are associated with the instances that are created from this - An array of disks that are associated with the instances that are created from
template. this template.
required: false required: false
suboptions: suboptions:
auto_delete: auto_delete:
description: description:
- Specifies whether the disk will be auto-deleted when the instance is deleted (but - Specifies whether the disk will be auto-deleted when the instance is deleted
not when the disk is detached from the instance). (but not when the disk is detached from the instance).
- 'Tip: Disks should be set to autoDelete=true so that leftover disks are not left - 'Tip: Disks should be set to autoDelete=true so that leftover disks are
behind on machine deletion.' not left behind on machine deletion.'
required: false required: false
type: bool type: bool
boot: boot:
description: description:
- Indicates that this is a boot disk. The virtual machine will use the first partition - Indicates that this is a boot disk. The virtual machine will use the first
of the disk for its root filesystem. partition of the disk for its root filesystem.
required: false required: false
type: bool type: bool
device_name: device_name:
description: description:
- Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* - Specifies a unique device name of your choice that is reflected into the
tree of a Linux operating system running within the instance. This name can be used /dev/disk/by-id/google-* tree of a Linux operating system running within
to reference the device for mounting, resizing, and so on, from within the instance. the instance. This name can be used to reference the device for mounting,
resizing, and so on, from within the instance.
required: false required: false
disk_encryption_key: disk_encryption_key:
description: description:
@ -85,36 +89,37 @@ options:
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC
to either encrypt or decrypt this resource. 4648 base64 to either encrypt or decrypt this resource.
required: false required: false
rsa_encrypted_key: rsa_encrypted_key:
description: description:
- Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption - Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied
key to either encrypt or decrypt this resource. encryption key to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
index: index:
description: description:
- Assigns a zero-based index to this disk, where 0 is reserved for the boot disk. - Assigns a zero-based index to this disk, where 0 is reserved for the boot
For example, if you have many disks attached to an instance, each disk would have disk. For example, if you have many disks attached to an instance, each
a unique index number. If not specified, the server will choose an appropriate value. disk would have a unique index number. If not specified, the server will
choose an appropriate value.
required: false required: false
initialize_params: initialize_params:
description: description:
- Specifies the parameters for a new disk that will be created alongside the new instance. - Specifies the parameters for a new disk that will be created alongside the
Use initialization parameters to create boot disks or local SSDs attached to the new instance. Use initialization parameters to create boot disks or local
new instance. SSDs attached to the new instance.
required: false required: false
suboptions: suboptions:
disk_name: disk_name:
description: description:
- Specifies the disk name. If not specified, the default is to use the name of the - Specifies the disk name. If not specified, the default is to use the
instance. name of the instance.
required: false required: false
disk_size_gb: disk_size_gb:
description: description:
@ -128,61 +133,68 @@ options:
required: false required: false
source_image: source_image:
description: description:
- The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage - The source image to create this disk. When creating a new instance,
or disks.source is required. To create a disk with one of the public operating one of initializeParams.sourceImage or disks.source is required. To
system images, specify the image by its family name. create a disk with one of the public operating system images, specify
the image by its family name.
required: false required: false
source_image_encryption_key: source_image_encryption_key:
description: description:
- The customer-supplied encryption key of the source image. Required if the source - The customer-supplied encryption key of the source image. Required if
image is protected by a customer-supplied encryption key. the source image is protected by a customer-supplied encryption key.
- Instance templates do not store customer-supplied encryption keys, so you cannot - Instance templates do not store customer-supplied encryption keys, so
create disks for instances in a managed instance group if the source images are you cannot create disks for instances in a managed instance group if
encrypted with your own keys. the source images are encrypted with your own keys.
required: false required: false
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in
to either encrypt or decrypt this resource. RFC 4648 base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
that protects this resource. encryption key that protects this resource.
required: false required: false
interface: interface:
description: description:
- Specifies the disk interface to use for attaching this disk, which is either SCSI - Specifies the disk interface to use for attaching this disk, which is either
or NVME. The default is SCSI. SCSI or NVME. The default is SCSI.
- Persistent disks must always use SCSI and the request will fail if you attempt to - Persistent disks must always use SCSI and the request will fail if you attempt
attach a persistent disk in any other format than SCSI. to attach a persistent disk in any other format than SCSI.
required: false required: false
choices: ['SCSI', 'NVME'] choices:
- SCSI
- NVME
mode: mode:
description: description:
- The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, - The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If
the default is to attach the disk in READ_WRITE mode. not specified, the default is to attach the disk in READ_WRITE mode.
required: false required: false
choices: ['READ_WRITE', 'READ_ONLY'] choices:
- READ_WRITE
- READ_ONLY
source: source:
description: description:
- Reference to a gcompute_disk resource. When creating a new instance, one of initializeParams.sourceImage - Reference to a gcompute_disk resource. When creating a new instance, one
or disks.source is required. of initializeParams.sourceImage or disks.source is required.
- If desired, you can also attach existing non-root persistent disks using this property. - If desired, you can also attach existing non-root persistent disks using
This field is only applicable for persistent disks. this property. This field is only applicable for persistent disks.
- 'This field represents a link to a Disk resource in GCP. It can be specified in - 'This field represents a link to a Disk resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_compute_disk task and in two ways. You can add `register: name-of-resource` to a gcp_compute_disk
then set this source field to "{{ name-of-resource }}" Alternatively, you can set task and then set this source field to "{{ name-of-resource }}" Alternatively,
this source to a dictionary with the selfLink key where the value is the selfLink you can set this source to a dictionary with the selfLink key where the
of your Disk.' value is the selfLink of your Disk'
required: false required: false
type: type:
description: description:
- Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, - Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified,
the default is PERSISTENT. the default is PERSISTENT.
required: false required: false
choices: ['SCRATCH', 'PERSISTENT'] choices:
- SCRATCH
- PERSISTENT
guest_accelerators: guest_accelerators:
description: description:
- List of the type and count of accelerator cards attached to the instance . - List of the type and count of accelerator cards attached to the instance .
@ -198,15 +210,16 @@ options:
required: false required: false
label_fingerprint: label_fingerprint:
description: description:
- A fingerprint for this request, which is essentially a hash of the metadata's contents - A fingerprint for this request, which is essentially a hash of the metadata's
and used for optimistic locking. The fingerprint is initially generated by Compute contents and used for optimistic locking. The fingerprint is initially generated
Engine and changes after every request to modify or update metadata. You must always by Compute Engine and changes after every request to modify or update metadata.
provide an up-to-date fingerprint hash in order to update or change metadata. You must always provide an up-to-date fingerprint hash in order to update or
change metadata.
required: false required: false
metadata: metadata:
description: description:
- The metadata key/value pairs to assign to instances that are created from this template. - The metadata key/value pairs to assign to instances that are created from this
These pairs can consist of custom metadata or predefined keys. template. These pairs can consist of custom metadata or predefined keys.
required: false required: false
machine_type: machine_type:
description: description:
@ -214,110 +227,112 @@ options:
required: false required: false
min_cpu_platform: min_cpu_platform:
description: description:
- Specifies a minimum CPU platform for the VM instance. Applicable values are the - Specifies a minimum CPU platform for the VM instance. Applicable values are
friendly names of CPU platforms . the friendly names of CPU platforms .
required: false required: false
name: name:
description: description:
- The name of the resource, provided by the client when initially creating the resource. - The name of the resource, provided by the client when initially creating the
The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, resource. The resource name must be 1-63 characters long, and comply with RFC1035.
the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` Specifically, the name must be 1-63 characters long and match the regular expression
which means the first character must be a lowercase letter, and all following characters `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase
must be a dash, lowercase letter, or digit, except the last character, which cannot letter, and all following characters must be a dash, lowercase letter, or digit,
be a dash. except the last character, which cannot be a dash.
required: false required: false
network_interfaces: network_interfaces:
description: description:
- An array of configurations for this interface. This specifies how this interface - An array of configurations for this interface. This specifies how this interface
is configured to interact with other network services, such as connecting to the is configured to interact with other network services, such as connecting to
internet. Only one network interface is supported per instance. the internet. Only one network interface is supported per instance.
required: false required: false
suboptions: suboptions:
access_configs: access_configs:
description: description:
- An array of configurations for this interface. Currently, only one access config, - An array of configurations for this interface. Currently, only one access
ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified,
instance will have no external internet access. then this instance will have no external internet access.
required: false required: false
suboptions: suboptions:
name: name:
description: description:
- The name of this access configuration. The default and recommended name is External - The name of this access configuration. The default and recommended name
NAT but you can use any arbitrary string you would like. For example, My external is External NAT but you can use any arbitrary string you would like.
IP or Network Access. For example, My external IP or Network Access.
required: true required: true
nat_ip: nat_ip:
description: description:
- Specifies the title of a gcompute_address. - Specifies the title of a gcompute_address.
- An external IP address associated with this instance. - An external IP address associated with this instance.
- Specify an unused static external IP address available to the project or leave this - Specify an unused static external IP address available to the project
field undefined to use an IP from a shared ephemeral IP address pool. If you specify or leave this field undefined to use an IP from a shared ephemeral IP
a static external IP address, it must live in the same region as the zone of the address pool. If you specify a static external IP address, it must live
instance. in the same region as the zone of the instance.
- 'This field represents a link to a Address resource in GCP. It can be specified - 'This field represents a link to a Address resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_address task specified in two ways. You can add `register: name-of-resource` to a
and then set this nat_ip field to "{{ name-of-resource }}" Alternatively, you can gcp_compute_address task and then set this nat_ip field to "{{ name-of-resource
set this nat_ip to a dictionary with the address key where the value is the address }}" Alternatively, you can set this nat_ip to a dictionary with the
of your Address.' address key where the value is the address of your Address'
required: false required: false
type: type:
description: description:
- The type of configuration. The default and only option is ONE_TO_ONE_NAT. - The type of configuration. The default and only option is ONE_TO_ONE_NAT.
required: true required: true
choices: ['ONE_TO_ONE_NAT'] choices:
- ONE_TO_ONE_NAT
alias_ip_ranges: alias_ip_ranges:
description: description:
- An array of alias IP ranges for this network interface. Can only be specified for - An array of alias IP ranges for this network interface. Can only be specified
network interfaces on subnet-mode networks. for network interfaces on subnet-mode networks.
required: false required: false
suboptions: suboptions:
ip_cidr_range: ip_cidr_range:
description: description:
- The IP CIDR range represented by this alias IP range. - The IP CIDR range represented by this alias IP range.
- This IP CIDR range must belong to the specified subnetwork and cannot contain IP - This IP CIDR range must belong to the specified subnetwork and cannot
addresses reserved by system or used by other network interfaces. This range may contain IP addresses reserved by system or used by other network interfaces.
be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g.
(e.g. 10.1.2.0/24). /24) or a CIDR format string (e.g. 10.1.2.0/24).
required: false required: false
subnetwork_range_name: subnetwork_range_name:
description: description:
- Optional subnetwork secondary range name specifying the secondary range from which - Optional subnetwork secondary range name specifying the secondary range
to allocate the IP CIDR range for this alias IP range. If left unspecified, the from which to allocate the IP CIDR range for this alias IP range. If
primary range of the subnetwork will be used. left unspecified, the primary range of the subnetwork will be used.
required: false required: false
name: name:
description: description:
- The name of the network interface, generated by the server. For network devices, - The name of the network interface, generated by the server. For network
these are eth0, eth1, etc . devices, these are eth0, eth1, etc .
required: false required: false
network: network:
description: description:
- Specifies the title of an existing gcompute_network. When creating an instance, - Specifies the title of an existing gcompute_network. When creating an instance,
if neither the network nor the subnetwork is specified, the default network global/networks/default if neither the network nor the subnetwork is specified, the default network
is used; if the network is not specified but the subnetwork is specified, the network global/networks/default is used; if the network is not specified but the
is inferred. subnetwork is specified, the network is inferred.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the
of your Network.' value is the selfLink of your Network'
required: false required: false
network_ip: network_ip:
description: description:
- An IPv4 internal network address to assign to the instance for this network interface. - An IPv4 internal network address to assign to the instance for this network
If not specified by the user, an unused internal IP is assigned by the system. interface. If not specified by the user, an unused internal IP is assigned
by the system.
required: false required: false
subnetwork: subnetwork:
description: description:
- Reference to a gcompute_subnetwork resource. - Reference to a gcompute_subnetwork resource.
- If the network resource is in legacy mode, do not provide this property. If the - If the network resource is in legacy mode, do not provide this property.
network is in auto subnet mode, providing the subnetwork is optional. If the network If the network is in auto subnet mode, providing the subnetwork is optional.
is in custom subnet mode, then this field should be specified. If the network is in custom subnet mode, then this field should be specified.
- 'This field represents a link to a Subnetwork resource in GCP. It can be specified - 'This field represents a link to a Subnetwork resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork specified in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork
task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively, task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively,
you can set this subnetwork to a dictionary with the selfLink key where the value you can set this subnetwork to a dictionary with the selfLink key where
is the selfLink of your Subnetwork.' the value is the selfLink of your Subnetwork'
required: false required: false
scheduling: scheduling:
description: description:
@ -326,29 +341,30 @@ options:
suboptions: suboptions:
automatic_restart: automatic_restart:
description: description:
- Specifies whether the instance should be automatically restarted if it is terminated - Specifies whether the instance should be automatically restarted if it is
by Compute Engine (not terminated by a user). terminated by Compute Engine (not terminated by a user).
- You can only set the automatic restart option for standard instances. Preemptible - You can only set the automatic restart option for standard instances. Preemptible
instances cannot be automatically restarted. instances cannot be automatically restarted.
required: false required: false
type: bool type: bool
on_host_maintenance: on_host_maintenance:
description: description:
- Defines the maintenance behavior for this instance. For standard instances, the - Defines the maintenance behavior for this instance. For standard instances,
default behavior is MIGRATE. For preemptible instances, the default and only possible the default behavior is MIGRATE. For preemptible instances, the default
behavior is TERMINATE. and only possible behavior is TERMINATE.
- For more information, see Setting Instance Scheduling Options. - For more information, see Setting Instance Scheduling Options.
required: false required: false
preemptible: preemptible:
description: description:
- Defines whether the instance is preemptible. This can only be set during instance - Defines whether the instance is preemptible. This can only be set during
creation, it cannot be set or changed after the instance has been created. instance creation, it cannot be set or changed after the instance has been
created.
required: false required: false
type: bool type: bool
service_accounts: service_accounts:
description: description:
- A list of service accounts, with their specified scopes, authorized for this instance. - A list of service accounts, with their specified scopes, authorized for this
Only one service account per VM instance is supported. instance. Only one service account per VM instance is supported.
required: false required: false
suboptions: suboptions:
email: email:
@ -369,15 +385,16 @@ options:
suboptions: suboptions:
fingerprint: fingerprint:
description: description:
- Specifies a fingerprint for this request, which is essentially a hash of the metadata's - Specifies a fingerprint for this request, which is essentially a hash of
contents and used for optimistic locking. the metadata's contents and used for optimistic locking.
- The fingerprint is initially generated by Compute Engine and changes after every - The fingerprint is initially generated by Compute Engine and changes after
request to modify or update metadata. You must always provide an up-to-date fingerprint every request to modify or update metadata. You must always provide an up-to-date
hash in order to update or change metadata. fingerprint hash in order to update or change metadata.
required: false required: false
items: items:
description: description:
- An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035. - An array of tags. Each tag must be 1-63 characters long, and comply with
RFC1035.
required: false required: false
zone: zone:
description: description:
@ -445,8 +462,8 @@ EXAMPLES = '''
RETURN = ''' RETURN = '''
canIpForward: canIpForward:
description: description:
- Allows this instance to send and receive packets with non-matching destination or - Allows this instance to send and receive packets with non-matching destination
source IPs. This is required if you plan to use this instance to forward routes. or source IPs. This is required if you plan to use this instance to forward routes.
returned: success returned: success
type: bool type: bool
cpuPlatform: cpuPlatform:
@ -461,30 +478,31 @@ RETURN = '''
type: str type: str
disks: disks:
description: description:
- An array of disks that are associated with the instances that are created from this - An array of disks that are associated with the instances that are created from
template. this template.
returned: success returned: success
type: complex type: complex
contains: contains:
autoDelete: autoDelete:
description: description:
- Specifies whether the disk will be auto-deleted when the instance is deleted (but - Specifies whether the disk will be auto-deleted when the instance is deleted
not when the disk is detached from the instance). (but not when the disk is detached from the instance).
- 'Tip: Disks should be set to autoDelete=true so that leftover disks are not left - 'Tip: Disks should be set to autoDelete=true so that leftover disks are not
behind on machine deletion.' left behind on machine deletion.'
returned: success returned: success
type: bool type: bool
boot: boot:
description: description:
- Indicates that this is a boot disk. The virtual machine will use the first partition - Indicates that this is a boot disk. The virtual machine will use the first
of the disk for its root filesystem. partition of the disk for its root filesystem.
returned: success returned: success
type: bool type: bool
deviceName: deviceName:
description: description:
- Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* - Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-*
tree of a Linux operating system running within the instance. This name can be used tree of a Linux operating system running within the instance. This name can
to reference the device for mounting, resizing, and so on, from within the instance. be used to reference the device for mounting, resizing, and so on, from within
the instance.
returned: success returned: success
type: str type: str
diskEncryptionKey: diskEncryptionKey:
@ -495,41 +513,42 @@ RETURN = '''
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
rsaEncryptedKey: rsaEncryptedKey:
description: description:
- Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption - Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied
key to either encrypt or decrypt this resource. encryption key to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
index: index:
description: description:
- Assigns a zero-based index to this disk, where 0 is reserved for the boot disk. - Assigns a zero-based index to this disk, where 0 is reserved for the boot
For example, if you have many disks attached to an instance, each disk would have disk. For example, if you have many disks attached to an instance, each disk
a unique index number. If not specified, the server will choose an appropriate value. would have a unique index number. If not specified, the server will choose
an appropriate value.
returned: success returned: success
type: int type: int
initializeParams: initializeParams:
description: description:
- Specifies the parameters for a new disk that will be created alongside the new instance. - Specifies the parameters for a new disk that will be created alongside the
Use initialization parameters to create boot disks or local SSDs attached to the new instance. Use initialization parameters to create boot disks or local
new instance. SSDs attached to the new instance.
returned: success returned: success
type: complex type: complex
contains: contains:
diskName: diskName:
description: description:
- Specifies the disk name. If not specified, the default is to use the name of the - Specifies the disk name. If not specified, the default is to use the name
instance. of the instance.
returned: success returned: success
type: str type: str
diskSizeGb: diskSizeGb:
@ -546,53 +565,54 @@ RETURN = '''
type: str type: str
sourceImage: sourceImage:
description: description:
- The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage - The source image to create this disk. When creating a new instance, one
or disks.source is required. To create a disk with one of the public operating of initializeParams.sourceImage or disks.source is required. To create
system images, specify the image by its family name. a disk with one of the public operating system images, specify the image
by its family name.
returned: success returned: success
type: str type: str
sourceImageEncryptionKey: sourceImageEncryptionKey:
description: description:
- The customer-supplied encryption key of the source image. Required if the source - The customer-supplied encryption key of the source image. Required if
image is protected by a customer-supplied encryption key. the source image is protected by a customer-supplied encryption key.
- Instance templates do not store customer-supplied encryption keys, so you cannot - Instance templates do not store customer-supplied encryption keys, so
create disks for instances in a managed instance group if the source images are you cannot create disks for instances in a managed instance group if the
encrypted with your own keys. source images are encrypted with your own keys.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC
to either encrypt or decrypt this resource. 4648 base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
that protects this resource. encryption key that protects this resource.
returned: success returned: success
type: str type: str
interface: interface:
description: description:
- Specifies the disk interface to use for attaching this disk, which is either SCSI - Specifies the disk interface to use for attaching this disk, which is either
or NVME. The default is SCSI. SCSI or NVME. The default is SCSI.
- Persistent disks must always use SCSI and the request will fail if you attempt to - Persistent disks must always use SCSI and the request will fail if you attempt
attach a persistent disk in any other format than SCSI. to attach a persistent disk in any other format than SCSI.
returned: success returned: success
type: str type: str
mode: mode:
description: description:
- The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, - The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If
the default is to attach the disk in READ_WRITE mode. not specified, the default is to attach the disk in READ_WRITE mode.
returned: success returned: success
type: str type: str
source: source:
description: description:
- Reference to a gcompute_disk resource. When creating a new instance, one of initializeParams.sourceImage - Reference to a gcompute_disk resource. When creating a new instance, one of
or disks.source is required. initializeParams.sourceImage or disks.source is required.
- If desired, you can also attach existing non-root persistent disks using this property. - If desired, you can also attach existing non-root persistent disks using this
This field is only applicable for persistent disks. property. This field is only applicable for persistent disks.
returned: success returned: success
type: dict type: dict
type: type:
@ -624,16 +644,17 @@ RETURN = '''
type: int type: int
labelFingerprint: labelFingerprint:
description: description:
- A fingerprint for this request, which is essentially a hash of the metadata's contents - A fingerprint for this request, which is essentially a hash of the metadata's
and used for optimistic locking. The fingerprint is initially generated by Compute contents and used for optimistic locking. The fingerprint is initially generated
Engine and changes after every request to modify or update metadata. You must always by Compute Engine and changes after every request to modify or update metadata.
provide an up-to-date fingerprint hash in order to update or change metadata. You must always provide an up-to-date fingerprint hash in order to update or change
metadata.
returned: success returned: success
type: str type: str
metadata: metadata:
description: description:
- The metadata key/value pairs to assign to instances that are created from this template. - The metadata key/value pairs to assign to instances that are created from this
These pairs can consist of custom metadata or predefined keys. template. These pairs can consist of custom metadata or predefined keys.
returned: success returned: success
type: dict type: dict
machineType: machineType:
@ -652,9 +673,9 @@ RETURN = '''
- The name of the resource, provided by the client when initially creating the resource. - The name of the resource, provided by the client when initially creating the resource.
The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, The resource name must be 1-63 characters long, and comply with RFC1035. Specifically,
the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
networkInterfaces: networkInterfaces:
@ -667,27 +688,27 @@ RETURN = '''
contains: contains:
accessConfigs: accessConfigs:
description: description:
- An array of configurations for this interface. Currently, only one access config, - An array of configurations for this interface. Currently, only one access
ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified,
instance will have no external internet access. then this instance will have no external internet access.
returned: success returned: success
type: complex type: complex
contains: contains:
name: name:
description: description:
- The name of this access configuration. The default and recommended name is External - The name of this access configuration. The default and recommended name
NAT but you can use any arbitrary string you would like. For example, My external is External NAT but you can use any arbitrary string you would like. For
IP or Network Access. example, My external IP or Network Access.
returned: success returned: success
type: str type: str
natIP: natIP:
description: description:
- Specifies the title of a gcompute_address. - Specifies the title of a gcompute_address.
- An external IP address associated with this instance. - An external IP address associated with this instance.
- Specify an unused static external IP address available to the project or leave this - Specify an unused static external IP address available to the project
field undefined to use an IP from a shared ephemeral IP address pool. If you specify or leave this field undefined to use an IP from a shared ephemeral IP
a static external IP address, it must live in the same region as the zone of the address pool. If you specify a static external IP address, it must live
instance. in the same region as the zone of the instance.
returned: success returned: success
type: dict type: dict
type: type:
@ -697,25 +718,25 @@ RETURN = '''
type: str type: str
aliasIpRanges: aliasIpRanges:
description: description:
- An array of alias IP ranges for this network interface. Can only be specified for - An array of alias IP ranges for this network interface. Can only be specified
network interfaces on subnet-mode networks. for network interfaces on subnet-mode networks.
returned: success returned: success
type: complex type: complex
contains: contains:
ipCidrRange: ipCidrRange:
description: description:
- The IP CIDR range represented by this alias IP range. - The IP CIDR range represented by this alias IP range.
- This IP CIDR range must belong to the specified subnetwork and cannot contain IP - This IP CIDR range must belong to the specified subnetwork and cannot
addresses reserved by system or used by other network interfaces. This range may contain IP addresses reserved by system or used by other network interfaces.
be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g.
(e.g. 10.1.2.0/24). /24) or a CIDR format string (e.g. 10.1.2.0/24).
returned: success returned: success
type: str type: str
subnetworkRangeName: subnetworkRangeName:
description: description:
- Optional subnetwork secondary range name specifying the secondary range from which - Optional subnetwork secondary range name specifying the secondary range
to allocate the IP CIDR range for this alias IP range. If left unspecified, the from which to allocate the IP CIDR range for this alias IP range. If left
primary range of the subnetwork will be used. unspecified, the primary range of the subnetwork will be used.
returned: success returned: success
type: str type: str
name: name:
@ -727,23 +748,24 @@ RETURN = '''
network: network:
description: description:
- Specifies the title of an existing gcompute_network. When creating an instance, - Specifies the title of an existing gcompute_network. When creating an instance,
if neither the network nor the subnetwork is specified, the default network global/networks/default if neither the network nor the subnetwork is specified, the default network
is used; if the network is not specified but the subnetwork is specified, the network global/networks/default is used; if the network is not specified but the subnetwork
is inferred. is specified, the network is inferred.
returned: success returned: success
type: dict type: dict
networkIP: networkIP:
description: description:
- An IPv4 internal network address to assign to the instance for this network interface. - An IPv4 internal network address to assign to the instance for this network
If not specified by the user, an unused internal IP is assigned by the system. interface. If not specified by the user, an unused internal IP is assigned
by the system.
returned: success returned: success
type: str type: str
subnetwork: subnetwork:
description: description:
- Reference to a gcompute_subnetwork resource. - Reference to a gcompute_subnetwork resource.
- If the network resource is in legacy mode, do not provide this property. If the - If the network resource is in legacy mode, do not provide this property. If
network is in auto subnet mode, providing the subnetwork is optional. If the network the network is in auto subnet mode, providing the subnetwork is optional.
is in custom subnet mode, then this field should be specified. If the network is in custom subnet mode, then this field should be specified.
returned: success returned: success
type: dict type: dict
scheduling: scheduling:
@ -754,17 +776,17 @@ RETURN = '''
contains: contains:
automaticRestart: automaticRestart:
description: description:
- Specifies whether the instance should be automatically restarted if it is terminated - Specifies whether the instance should be automatically restarted if it is
by Compute Engine (not terminated by a user). terminated by Compute Engine (not terminated by a user).
- You can only set the automatic restart option for standard instances. Preemptible - You can only set the automatic restart option for standard instances. Preemptible
instances cannot be automatically restarted. instances cannot be automatically restarted.
returned: success returned: success
type: bool type: bool
onHostMaintenance: onHostMaintenance:
description: description:
- Defines the maintenance behavior for this instance. For standard instances, the - Defines the maintenance behavior for this instance. For standard instances,
default behavior is MIGRATE. For preemptible instances, the default and only possible the default behavior is MIGRATE. For preemptible instances, the default and
behavior is TERMINATE. only possible behavior is TERMINATE.
- For more information, see Setting Instance Scheduling Options. - For more information, see Setting Instance Scheduling Options.
returned: success returned: success
type: str type: str
@ -813,11 +835,11 @@ RETURN = '''
contains: contains:
fingerprint: fingerprint:
description: description:
- Specifies a fingerprint for this request, which is essentially a hash of the metadata's - Specifies a fingerprint for this request, which is essentially a hash of the
contents and used for optimistic locking. metadata's contents and used for optimistic locking.
- The fingerprint is initially generated by Compute Engine and changes after every - The fingerprint is initially generated by Compute Engine and changes after
request to modify or update metadata. You must always provide an up-to-date fingerprint every request to modify or update metadata. You must always provide an up-to-date
hash in order to update or change metadata. fingerprint hash in order to update or change metadata.
returned: success returned: success
type: str type: str
items: items:
@ -989,15 +1011,15 @@ def resource_to_request(module):
u'kind': 'compute#instance', u'kind': 'compute#instance',
u'canIpForward': module.params.get('can_ip_forward'), u'canIpForward': module.params.get('can_ip_forward'),
u'disks': InstanceDisksArray(module.params.get('disks', []), module).to_request(), u'disks': InstanceDisksArray(module.params.get('disks', []), module).to_request(),
u'guestAccelerators': InstanceGuestAcceleratorsArray(module.params.get('guest_accelerators', []), module).to_request(), u'guestAccelerators': InstanceGuestacceleratorsArray(module.params.get('guest_accelerators', []), module).to_request(),
u'labelFingerprint': module.params.get('label_fingerprint'), u'labelFingerprint': module.params.get('label_fingerprint'),
u'metadata': module.params.get('metadata'), u'metadata': module.params.get('metadata'),
u'machineType': machine_type_selflink(module.params.get('machine_type'), module.params), u'machineType': machine_type_selflink(module.params.get('machine_type'), module.params),
u'minCpuPlatform': module.params.get('min_cpu_platform'), u'minCpuPlatform': module.params.get('min_cpu_platform'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'networkInterfaces': InstanceNetworkInterfacesArray(module.params.get('network_interfaces', []), module).to_request(), u'networkInterfaces': InstanceNetworkinterfacesArray(module.params.get('network_interfaces', []), module).to_request(),
u'scheduling': InstanceScheduling(module.params.get('scheduling', {}), module).to_request(), u'scheduling': InstanceScheduling(module.params.get('scheduling', {}), module).to_request(),
u'serviceAccounts': InstanceServiceAccountsArray(module.params.get('service_accounts', []), module).to_request(), u'serviceAccounts': InstanceServiceaccountsArray(module.params.get('service_accounts', []), module).to_request(),
u'tags': InstanceTags(module.params.get('tags', {}), module).to_request() u'tags': InstanceTags(module.params.get('tags', {}), module).to_request()
} }
request = encode_request(request, module) request = encode_request(request, module)
@ -1072,16 +1094,16 @@ def response_to_hash(module, response):
u'cpuPlatform': response.get(u'cpuPlatform'), u'cpuPlatform': response.get(u'cpuPlatform'),
u'creationTimestamp': response.get(u'creationTimestamp'), u'creationTimestamp': response.get(u'creationTimestamp'),
u'disks': InstanceDisksArray(module.params.get('disks', []), module).to_request(), u'disks': InstanceDisksArray(module.params.get('disks', []), module).to_request(),
u'guestAccelerators': InstanceGuestAcceleratorsArray(response.get(u'guestAccelerators', []), module).from_response(), u'guestAccelerators': InstanceGuestacceleratorsArray(response.get(u'guestAccelerators', []), module).from_response(),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'labelFingerprint': response.get(u'labelFingerprint'), u'labelFingerprint': response.get(u'labelFingerprint'),
u'metadata': response.get(u'metadata'), u'metadata': response.get(u'metadata'),
u'machineType': response.get(u'machineType'), u'machineType': response.get(u'machineType'),
u'minCpuPlatform': response.get(u'minCpuPlatform'), u'minCpuPlatform': response.get(u'minCpuPlatform'),
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'networkInterfaces': InstanceNetworkInterfacesArray(response.get(u'networkInterfaces', []), module).from_response(), u'networkInterfaces': InstanceNetworkinterfacesArray(response.get(u'networkInterfaces', []), module).from_response(),
u'scheduling': InstanceScheduling(response.get(u'scheduling', {}), module).from_response(), u'scheduling': InstanceScheduling(response.get(u'scheduling', {}), module).from_response(),
u'serviceAccounts': InstanceServiceAccountsArray(response.get(u'serviceAccounts', []), module).from_response(), u'serviceAccounts': InstanceServiceaccountsArray(response.get(u'serviceAccounts', []), module).from_response(),
u'status': response.get(u'status'), u'status': response.get(u'status'),
u'statusMessage': response.get(u'statusMessage'), u'statusMessage': response.get(u'statusMessage'),
u'tags': InstanceTags(response.get(u'tags', {}), module).from_response() u'tags': InstanceTags(response.get(u'tags', {}), module).from_response()
@ -1130,8 +1152,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -1219,9 +1239,9 @@ class InstanceDisksArray(object):
u'autoDelete': item.get('auto_delete'), u'autoDelete': item.get('auto_delete'),
u'boot': item.get('boot'), u'boot': item.get('boot'),
u'deviceName': item.get('device_name'), u'deviceName': item.get('device_name'),
u'diskEncryptionKey': InstanceDiskEncryptionKey(item.get('disk_encryption_key', {}), self.module).to_request(), u'diskEncryptionKey': InstanceDiskencryptionkey(item.get('disk_encryption_key', {}), self.module).to_request(),
u'index': item.get('index'), u'index': item.get('index'),
u'initializeParams': InstanceInitializeParams(item.get('initialize_params', {}), self.module).to_request(), u'initializeParams': InstanceInitializeparams(item.get('initialize_params', {}), self.module).to_request(),
u'interface': item.get('interface'), u'interface': item.get('interface'),
u'mode': item.get('mode'), u'mode': item.get('mode'),
u'source': replace_resource_dict(item.get(u'source', {}), 'selfLink'), u'source': replace_resource_dict(item.get(u'source', {}), 'selfLink'),
@ -1233,9 +1253,9 @@ class InstanceDisksArray(object):
u'autoDelete': item.get(u'autoDelete'), u'autoDelete': item.get(u'autoDelete'),
u'boot': item.get(u'boot'), u'boot': item.get(u'boot'),
u'deviceName': item.get(u'deviceName'), u'deviceName': item.get(u'deviceName'),
u'diskEncryptionKey': InstanceDiskEncryptionKey(item.get(u'diskEncryptionKey', {}), self.module).from_response(), u'diskEncryptionKey': InstanceDiskencryptionkey(item.get(u'diskEncryptionKey', {}), self.module).from_response(),
u'index': item.get(u'index'), u'index': item.get(u'index'),
u'initializeParams': InstanceInitializeParams(self.module.params.get('initialize_params', {}), self.module).to_request(), u'initializeParams': InstanceInitializeparams(self.module.params.get('initialize_params', {}), self.module).to_request(),
u'interface': item.get(u'interface'), u'interface': item.get(u'interface'),
u'mode': item.get(u'mode'), u'mode': item.get(u'mode'),
u'source': item.get(u'source'), u'source': item.get(u'source'),
@ -1243,7 +1263,7 @@ class InstanceDisksArray(object):
}) })
class InstanceDiskEncryptionKey(object): class InstanceDiskencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1266,7 +1286,7 @@ class InstanceDiskEncryptionKey(object):
}) })
class InstanceInitializeParams(object): class InstanceInitializeparams(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1280,7 +1300,7 @@ class InstanceInitializeParams(object):
u'diskSizeGb': self.request.get('disk_size_gb'), u'diskSizeGb': self.request.get('disk_size_gb'),
u'diskType': disk_type_selflink(self.request.get('disk_type'), self.module.params), u'diskType': disk_type_selflink(self.request.get('disk_type'), self.module.params),
u'sourceImage': self.request.get('source_image'), u'sourceImage': self.request.get('source_image'),
u'sourceImageEncryptionKey': InstanceSourceImageEncryptionKey(self.request.get('source_image_encryption_key', {}), self.module).to_request() u'sourceImageEncryptionKey': InstanceSourceimageencryptionkey(self.request.get('source_image_encryption_key', {}), self.module).to_request()
}) })
def from_response(self): def from_response(self):
@ -1289,11 +1309,11 @@ class InstanceInitializeParams(object):
u'diskSizeGb': self.request.get(u'diskSizeGb'), u'diskSizeGb': self.request.get(u'diskSizeGb'),
u'diskType': self.request.get(u'diskType'), u'diskType': self.request.get(u'diskType'),
u'sourceImage': self.request.get(u'sourceImage'), u'sourceImage': self.request.get(u'sourceImage'),
u'sourceImageEncryptionKey': InstanceSourceImageEncryptionKey(self.request.get(u'sourceImageEncryptionKey', {}), self.module).from_response() u'sourceImageEncryptionKey': InstanceSourceimageencryptionkey(self.request.get(u'sourceImageEncryptionKey', {}), self.module).from_response()
}) })
class InstanceSourceImageEncryptionKey(object): class InstanceSourceimageencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1314,7 +1334,7 @@ class InstanceSourceImageEncryptionKey(object):
}) })
class InstanceGuestAcceleratorsArray(object): class InstanceGuestacceleratorsArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1347,7 +1367,7 @@ class InstanceGuestAcceleratorsArray(object):
}) })
class InstanceNetworkInterfacesArray(object): class InstanceNetworkinterfacesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1369,8 +1389,8 @@ class InstanceNetworkInterfacesArray(object):
def _request_for_item(self, item): def _request_for_item(self, item):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'accessConfigs': InstanceAccessConfigsArray(item.get('access_configs', []), self.module).to_request(), u'accessConfigs': InstanceAccessconfigsArray(item.get('access_configs', []), self.module).to_request(),
u'aliasIpRanges': InstanceAliasIpRangesArray(item.get('alias_ip_ranges', []), self.module).to_request(), u'aliasIpRanges': InstanceAliasiprangesArray(item.get('alias_ip_ranges', []), self.module).to_request(),
u'name': item.get('name'), u'name': item.get('name'),
u'network': replace_resource_dict(item.get(u'network', {}), 'selfLink'), u'network': replace_resource_dict(item.get(u'network', {}), 'selfLink'),
u'networkIP': item.get('network_ip'), u'networkIP': item.get('network_ip'),
@ -1379,8 +1399,8 @@ class InstanceNetworkInterfacesArray(object):
def _response_from_item(self, item): def _response_from_item(self, item):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'accessConfigs': InstanceAccessConfigsArray(item.get(u'accessConfigs', []), self.module).from_response(), u'accessConfigs': InstanceAccessconfigsArray(item.get(u'accessConfigs', []), self.module).from_response(),
u'aliasIpRanges': InstanceAliasIpRangesArray(item.get(u'aliasIpRanges', []), self.module).from_response(), u'aliasIpRanges': InstanceAliasiprangesArray(item.get(u'aliasIpRanges', []), self.module).from_response(),
u'name': item.get(u'name'), u'name': item.get(u'name'),
u'network': item.get(u'network'), u'network': item.get(u'network'),
u'networkIP': item.get(u'networkIP'), u'networkIP': item.get(u'networkIP'),
@ -1388,7 +1408,7 @@ class InstanceNetworkInterfacesArray(object):
}) })
class InstanceAccessConfigsArray(object): class InstanceAccessconfigsArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1423,7 +1443,7 @@ class InstanceAccessConfigsArray(object):
}) })
class InstanceAliasIpRangesArray(object): class InstanceAliasiprangesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1479,7 +1499,7 @@ class InstanceScheduling(object):
}) })
class InstanceServiceAccountsArray(object): class InstanceServiceaccountsArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

256
plugins/modules/gcp_compute_instance_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
zone: zone:
description: description:
- A reference to the zone where the machine resides. - A reference to the zone where the machine resides.
@ -73,8 +72,9 @@ items:
contains: contains:
canIpForward: canIpForward:
description: description:
- Allows this instance to send and receive packets with non-matching destination or - Allows this instance to send and receive packets with non-matching destination
source IPs. This is required if you plan to use this instance to forward routes. or source IPs. This is required if you plan to use this instance to forward
routes.
returned: success returned: success
type: bool type: bool
cpuPlatform: cpuPlatform:
@ -89,30 +89,31 @@ items:
type: str type: str
disks: disks:
description: description:
- An array of disks that are associated with the instances that are created from this - An array of disks that are associated with the instances that are created
template. from this template.
returned: success returned: success
type: complex type: complex
contains: contains:
autoDelete: autoDelete:
description: description:
- Specifies whether the disk will be auto-deleted when the instance is deleted (but - Specifies whether the disk will be auto-deleted when the instance is deleted
not when the disk is detached from the instance). (but not when the disk is detached from the instance).
- 'Tip: Disks should be set to autoDelete=true so that leftover disks are not left - 'Tip: Disks should be set to autoDelete=true so that leftover disks are
behind on machine deletion.' not left behind on machine deletion.'
returned: success returned: success
type: bool type: bool
boot: boot:
description: description:
- Indicates that this is a boot disk. The virtual machine will use the first partition - Indicates that this is a boot disk. The virtual machine will use the first
of the disk for its root filesystem. partition of the disk for its root filesystem.
returned: success returned: success
type: bool type: bool
deviceName: deviceName:
description: description:
- Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* - Specifies a unique device name of your choice that is reflected into the
tree of a Linux operating system running within the instance. This name can be used /dev/disk/by-id/google-* tree of a Linux operating system running within
to reference the device for mounting, resizing, and so on, from within the instance. the instance. This name can be used to reference the device for mounting,
resizing, and so on, from within the instance.
returned: success returned: success
type: str type: str
diskEncryptionKey: diskEncryptionKey:
@ -123,41 +124,42 @@ items:
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC
to either encrypt or decrypt this resource. 4648 base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
rsaEncryptedKey: rsaEncryptedKey:
description: description:
- Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption - Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied
key to either encrypt or decrypt this resource. encryption key to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
that protects this resource. encryption key that protects this resource.
returned: success returned: success
type: str type: str
index: index:
description: description:
- Assigns a zero-based index to this disk, where 0 is reserved for the boot disk. - Assigns a zero-based index to this disk, where 0 is reserved for the boot
For example, if you have many disks attached to an instance, each disk would have disk. For example, if you have many disks attached to an instance, each
a unique index number. If not specified, the server will choose an appropriate value. disk would have a unique index number. If not specified, the server will
choose an appropriate value.
returned: success returned: success
type: int type: int
initializeParams: initializeParams:
description: description:
- Specifies the parameters for a new disk that will be created alongside the new instance. - Specifies the parameters for a new disk that will be created alongside
Use initialization parameters to create boot disks or local SSDs attached to the the new instance. Use initialization parameters to create boot disks or
new instance. local SSDs attached to the new instance.
returned: success returned: success
type: complex type: complex
contains: contains:
diskName: diskName:
description: description:
- Specifies the disk name. If not specified, the default is to use the name of the - Specifies the disk name. If not specified, the default is to use the
instance. name of the instance.
returned: success returned: success
type: str type: str
diskSizeGb: diskSizeGb:
@ -174,53 +176,55 @@ items:
type: str type: str
sourceImage: sourceImage:
description: description:
- The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage - The source image to create this disk. When creating a new instance,
or disks.source is required. To create a disk with one of the public operating one of initializeParams.sourceImage or disks.source is required. To
system images, specify the image by its family name. create a disk with one of the public operating system images, specify
the image by its family name.
returned: success returned: success
type: str type: str
sourceImageEncryptionKey: sourceImageEncryptionKey:
description: description:
- The customer-supplied encryption key of the source image. Required if the source - The customer-supplied encryption key of the source image. Required
image is protected by a customer-supplied encryption key. if the source image is protected by a customer-supplied encryption
- Instance templates do not store customer-supplied encryption keys, so you cannot key.
create disks for instances in a managed instance group if the source images are - Instance templates do not store customer-supplied encryption keys,
encrypted with your own keys. so you cannot create disks for instances in a managed instance group
if the source images are encrypted with your own keys.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded
to either encrypt or decrypt this resource. in RFC 4648 base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
that protects this resource. encryption key that protects this resource.
returned: success returned: success
type: str type: str
interface: interface:
description: description:
- Specifies the disk interface to use for attaching this disk, which is either SCSI - Specifies the disk interface to use for attaching this disk, which is
or NVME. The default is SCSI. either SCSI or NVME. The default is SCSI.
- Persistent disks must always use SCSI and the request will fail if you attempt to - Persistent disks must always use SCSI and the request will fail if you
attach a persistent disk in any other format than SCSI. attempt to attach a persistent disk in any other format than SCSI.
returned: success returned: success
type: str type: str
mode: mode:
description: description:
- The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, - The mode in which to attach this disk, either READ_WRITE or READ_ONLY.
the default is to attach the disk in READ_WRITE mode. If not specified, the default is to attach the disk in READ_WRITE mode.
returned: success returned: success
type: str type: str
source: source:
description: description:
- Reference to a gcompute_disk resource. When creating a new instance, one of initializeParams.sourceImage - Reference to a gcompute_disk resource. When creating a new instance, one
or disks.source is required. of initializeParams.sourceImage or disks.source is required.
- If desired, you can also attach existing non-root persistent disks using this property. - If desired, you can also attach existing non-root persistent disks using
This field is only applicable for persistent disks. this property. This field is only applicable for persistent disks.
returned: success returned: success
type: dict type: dict
type: type:
@ -242,26 +246,29 @@ items:
type: int type: int
acceleratorType: acceleratorType:
description: description:
- Full or partial URL of the accelerator type resource to expose to this instance. - Full or partial URL of the accelerator type resource to expose to this
instance.
returned: success returned: success
type: str type: str
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
labelFingerprint: labelFingerprint:
description: description:
- A fingerprint for this request, which is essentially a hash of the metadata's contents - A fingerprint for this request, which is essentially a hash of the metadata's
and used for optimistic locking. The fingerprint is initially generated by Compute contents and used for optimistic locking. The fingerprint is initially generated
Engine and changes after every request to modify or update metadata. You must always by Compute Engine and changes after every request to modify or update metadata.
provide an up-to-date fingerprint hash in order to update or change metadata. You must always provide an up-to-date fingerprint hash in order to update
or change metadata.
returned: success returned: success
type: str type: str
metadata: metadata:
description: description:
- The metadata key/value pairs to assign to instances that are created from this template. - The metadata key/value pairs to assign to instances that are created from
These pairs can consist of custom metadata or predefined keys. this template. These pairs can consist of custom metadata or predefined keys.
returned: success returned: success
type: dict type: dict
machineType: machineType:
@ -271,51 +278,51 @@ items:
type: str type: str
minCpuPlatform: minCpuPlatform:
description: description:
- Specifies a minimum CPU platform for the VM instance. Applicable values are the - Specifies a minimum CPU platform for the VM instance. Applicable values are
friendly names of CPU platforms . the friendly names of CPU platforms .
returned: success returned: success
type: str type: str
name: name:
description: description:
- The name of the resource, provided by the client when initially creating the resource. - The name of the resource, provided by the client when initially creating the
The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, resource. The resource name must be 1-63 characters long, and comply with
the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` RFC1035. Specifically, the name must be 1-63 characters long and match the
which means the first character must be a lowercase letter, and all following characters regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character
must be a dash, lowercase letter, or digit, except the last character, which cannot must be a lowercase letter, and all following characters must be a dash, lowercase
be a dash. letter, or digit, except the last character, which cannot be a dash.
returned: success returned: success
type: str type: str
networkInterfaces: networkInterfaces:
description: description:
- An array of configurations for this interface. This specifies how this interface - An array of configurations for this interface. This specifies how this interface
is configured to interact with other network services, such as connecting to the is configured to interact with other network services, such as connecting
internet. Only one network interface is supported per instance. to the internet. Only one network interface is supported per instance.
returned: success returned: success
type: complex type: complex
contains: contains:
accessConfigs: accessConfigs:
description: description:
- An array of configurations for this interface. Currently, only one access config, - An array of configurations for this interface. Currently, only one access
ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified,
instance will have no external internet access. then this instance will have no external internet access.
returned: success returned: success
type: complex type: complex
contains: contains:
name: name:
description: description:
- The name of this access configuration. The default and recommended name is External - The name of this access configuration. The default and recommended
NAT but you can use any arbitrary string you would like. For example, My external name is External NAT but you can use any arbitrary string you would
IP or Network Access. like. For example, My external IP or Network Access.
returned: success returned: success
type: str type: str
natIP: natIP:
description: description:
- Specifies the title of a gcompute_address. - Specifies the title of a gcompute_address.
- An external IP address associated with this instance. - An external IP address associated with this instance.
- Specify an unused static external IP address available to the project or leave this - Specify an unused static external IP address available to the project
field undefined to use an IP from a shared ephemeral IP address pool. If you specify or leave this field undefined to use an IP from a shared ephemeral
a static external IP address, it must live in the same region as the zone of the IP address pool. If you specify a static external IP address, it must
instance. live in the same region as the zone of the instance.
returned: success returned: success
type: dict type: dict
type: type:
@ -325,53 +332,54 @@ items:
type: str type: str
aliasIpRanges: aliasIpRanges:
description: description:
- An array of alias IP ranges for this network interface. Can only be specified for - An array of alias IP ranges for this network interface. Can only be specified
network interfaces on subnet-mode networks. for network interfaces on subnet-mode networks.
returned: success returned: success
type: complex type: complex
contains: contains:
ipCidrRange: ipCidrRange:
description: description:
- The IP CIDR range represented by this alias IP range. - The IP CIDR range represented by this alias IP range.
- This IP CIDR range must belong to the specified subnetwork and cannot contain IP - This IP CIDR range must belong to the specified subnetwork and cannot
addresses reserved by system or used by other network interfaces. This range may contain IP addresses reserved by system or used by other network interfaces.
be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g.
(e.g. 10.1.2.0/24). /24) or a CIDR format string (e.g. 10.1.2.0/24).
returned: success returned: success
type: str type: str
subnetworkRangeName: subnetworkRangeName:
description: description:
- Optional subnetwork secondary range name specifying the secondary range from which - Optional subnetwork secondary range name specifying the secondary
to allocate the IP CIDR range for this alias IP range. If left unspecified, the range from which to allocate the IP CIDR range for this alias IP range.
primary range of the subnetwork will be used. If left unspecified, the primary range of the subnetwork will be used.
returned: success returned: success
type: str type: str
name: name:
description: description:
- The name of the network interface, generated by the server. For network devices, - The name of the network interface, generated by the server. For network
these are eth0, eth1, etc . devices, these are eth0, eth1, etc .
returned: success returned: success
type: str type: str
network: network:
description: description:
- Specifies the title of an existing gcompute_network. When creating an instance, - Specifies the title of an existing gcompute_network. When creating an
if neither the network nor the subnetwork is specified, the default network global/networks/default instance, if neither the network nor the subnetwork is specified, the
is used; if the network is not specified but the subnetwork is specified, the network default network global/networks/default is used; if the network is not
is inferred. specified but the subnetwork is specified, the network is inferred.
returned: success returned: success
type: dict type: dict
networkIP: networkIP:
description: description:
- An IPv4 internal network address to assign to the instance for this network interface. - An IPv4 internal network address to assign to the instance for this network
If not specified by the user, an unused internal IP is assigned by the system. interface. If not specified by the user, an unused internal IP is assigned
by the system.
returned: success returned: success
type: str type: str
subnetwork: subnetwork:
description: description:
- Reference to a gcompute_subnetwork resource. - Reference to a gcompute_subnetwork resource.
- If the network resource is in legacy mode, do not provide this property. If the - If the network resource is in legacy mode, do not provide this property.
network is in auto subnet mode, providing the subnetwork is optional. If the network If the network is in auto subnet mode, providing the subnetwork is optional.
is in custom subnet mode, then this field should be specified. If the network is in custom subnet mode, then this field should be specified.
returned: success returned: success
type: dict type: dict
scheduling: scheduling:
@ -382,30 +390,31 @@ items:
contains: contains:
automaticRestart: automaticRestart:
description: description:
- Specifies whether the instance should be automatically restarted if it is terminated - Specifies whether the instance should be automatically restarted if it
by Compute Engine (not terminated by a user). is terminated by Compute Engine (not terminated by a user).
- You can only set the automatic restart option for standard instances. Preemptible - You can only set the automatic restart option for standard instances.
instances cannot be automatically restarted. Preemptible instances cannot be automatically restarted.
returned: success returned: success
type: bool type: bool
onHostMaintenance: onHostMaintenance:
description: description:
- Defines the maintenance behavior for this instance. For standard instances, the - Defines the maintenance behavior for this instance. For standard instances,
default behavior is MIGRATE. For preemptible instances, the default and only possible the default behavior is MIGRATE. For preemptible instances, the default
behavior is TERMINATE. and only possible behavior is TERMINATE.
- For more information, see Setting Instance Scheduling Options. - For more information, see Setting Instance Scheduling Options.
returned: success returned: success
type: str type: str
preemptible: preemptible:
description: description:
- Defines whether the instance is preemptible. This can only be set during instance - Defines whether the instance is preemptible. This can only be set during
creation, it cannot be set or changed after the instance has been created. instance creation, it cannot be set or changed after the instance has
been created.
returned: success returned: success
type: bool type: bool
serviceAccounts: serviceAccounts:
description: description:
- A list of service accounts, with their specified scopes, authorized for this instance. - A list of service accounts, with their specified scopes, authorized for this
Only one service account per VM instance is supported. instance. Only one service account per VM instance is supported.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -432,25 +441,26 @@ items:
type: str type: str
tags: tags:
description: description:
- A list of tags to apply to this instance. Tags are used to identify valid sources - A list of tags to apply to this instance. Tags are used to identify valid
or targets for network firewalls and are specified by the client during instance sources or targets for network firewalls and are specified by the client during
creation. The tags can be later modified by the setTags method. Each tag within instance creation. The tags can be later modified by the setTags method. Each
the list must comply with RFC1035. tag within the list must comply with RFC1035.
returned: success returned: success
type: complex type: complex
contains: contains:
fingerprint: fingerprint:
description: description:
- Specifies a fingerprint for this request, which is essentially a hash of the metadata's - Specifies a fingerprint for this request, which is essentially a hash
contents and used for optimistic locking. of the metadata's contents and used for optimistic locking.
- The fingerprint is initially generated by Compute Engine and changes after every - The fingerprint is initially generated by Compute Engine and changes after
request to modify or update metadata. You must always provide an up-to-date fingerprint every request to modify or update metadata. You must always provide an
hash in order to update or change metadata. up-to-date fingerprint hash in order to update or change metadata.
returned: success returned: success
type: str type: str
items: items:
description: description:
- An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035. - An array of tags. Each tag must be 1-63 characters long, and comply with
RFC1035.
returned: success returned: success
type: list type: list
zone: zone:
@ -479,7 +489,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

38
plugins/modules/gcp_compute_instance_group.py
View file

@ -47,8 +47,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -63,8 +65,8 @@ options:
description: description:
- Assigns a name to a port number. - Assigns a name to a port number.
- 'For example: {name: "http", port: 80}.' - 'For example: {name: "http", port: 80}.'
- This allows the system to reference ports by the assigned name instead of a port - This allows the system to reference ports by the assigned name instead of a
number. Named ports can also contain multiple ports. port number. Named ports can also contain multiple ports.
- 'For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports - 'For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports
apply to all instances in this instance group.' apply to all instances in this instance group.'
required: false required: false
@ -82,10 +84,10 @@ options:
description: description:
- The network to which all instances in the instance group belong. - The network to which all instances in the instance group belong.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: false required: false
region: region:
description: description:
@ -97,8 +99,8 @@ options:
- 'This field represents a link to a Subnetwork resource in GCP. It can be specified - 'This field represents a link to a Subnetwork resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork in two ways. You can add `register: name-of-resource` to a gcp_compute_subnetwork
task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively, task and then set this subnetwork field to "{{ name-of-resource }}" Alternatively,
you can set this subnetwork to a dictionary with the selfLink key where the value you can set this subnetwork to a dictionary with the selfLink key where the
is the selfLink of your Subnetwork.' value is the selfLink of your Subnetwork'
required: false required: false
zone: zone:
description: description:
@ -108,8 +110,8 @@ options:
description: description:
- The list of instances associated with this InstanceGroup. - The list of instances associated with this InstanceGroup.
- All instances must be created before being added to an InstanceGroup. - All instances must be created before being added to an InstanceGroup.
- All instances not in this list will be removed from the InstanceGroup and will not - All instances not in this list will be removed from the InstanceGroup and will
be deleted. not be deleted.
- Only the full identifier of the instance will be returned. - Only the full identifier of the instance will be returned.
required: false required: false
version_added: 2.8 version_added: 2.8
@ -209,8 +211,8 @@ RETURN = '''
description: description:
- The list of instances associated with this InstanceGroup. - The list of instances associated with this InstanceGroup.
- All instances must be created before being added to an InstanceGroup. - All instances must be created before being added to an InstanceGroup.
- All instances not in this list will be removed from the InstanceGroup and will not - All instances not in this list will be removed from the InstanceGroup and will
be deleted. not be deleted.
- Only the full identifier of the instance will be returned. - Only the full identifier of the instance will be returned.
returned: success returned: success
type: list type: list
@ -305,7 +307,7 @@ def resource_to_request(module):
u'kind': 'compute#instanceGroup', u'kind': 'compute#instanceGroup',
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'namedPorts': InstanceGroupNamedPortsArray(module.params.get('named_ports', []), module).to_request(), u'namedPorts': InstanceGroupNamedportsArray(module.params.get('named_ports', []), module).to_request(),
u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'), u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'),
u'region': region_selflink(module.params.get('region'), module.params), u'region': region_selflink(module.params.get('region'), module.params),
u'subnetwork': replace_resource_dict(module.params.get(u'subnetwork', {}), 'selfLink') u'subnetwork': replace_resource_dict(module.params.get(u'subnetwork', {}), 'selfLink')
@ -378,7 +380,7 @@ def response_to_hash(module, response):
u'description': response.get(u'description'), u'description': response.get(u'description'),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'namedPorts': InstanceGroupNamedPortsArray(response.get(u'namedPorts', []), module).from_response(), u'namedPorts': InstanceGroupNamedportsArray(response.get(u'namedPorts', []), module).from_response(),
u'network': response.get(u'network'), u'network': response.get(u'network'),
u'region': response.get(u'region'), u'region': response.get(u'region'),
u'subnetwork': response.get(u'subnetwork') u'subnetwork': response.get(u'subnetwork')
@ -418,8 +420,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -491,7 +491,7 @@ class InstanceLogic(object):
return request return request
class InstanceGroupNamedPortsArray(object): class InstanceGroupNamedportsArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

21
plugins/modules/gcp_compute_instance_group_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
zone: zone:
description: description:
- A reference to the zone where the instance group resides. - A reference to the zone where the instance group resides.
@ -97,10 +96,10 @@ items:
description: description:
- Assigns a name to a port number. - Assigns a name to a port number.
- 'For example: {name: "http", port: 80}.' - 'For example: {name: "http", port: 80}.'
- This allows the system to reference ports by the assigned name instead of a port - This allows the system to reference ports by the assigned name instead of
number. Named ports can also contain multiple ports. a port number. Named ports can also contain multiple ports.
- 'For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named ports - 'For example: [{name: "http", port: 80},{name: "http", port: 8080}] Named
apply to all instances in this instance group.' ports apply to all instances in this instance group.'
returned: success returned: success
type: complex type: complex
contains: contains:
@ -139,8 +138,8 @@ items:
description: description:
- The list of instances associated with this InstanceGroup. - The list of instances associated with this InstanceGroup.
- All instances must be created before being added to an InstanceGroup. - All instances must be created before being added to an InstanceGroup.
- All instances not in this list will be removed from the InstanceGroup and will not - All instances not in this list will be removed from the InstanceGroup and
be deleted. will not be deleted.
- Only the full identifier of the instance will be returned. - Only the full identifier of the instance will be returned.
returned: success returned: success
type: list type: list
@ -165,7 +164,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

106
plugins/modules/gcp_compute_instance_group_manager.py
View file

@ -49,13 +49,15 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
base_instance_name: base_instance_name:
description: description:
- The base instance name to use for instances in this group. The value must be 1-58 - The base instance name to use for instances in this group. The value must be
characters long. Instances are named by appending a hyphen and a random four-character 1-58 characters long. Instances are named by appending a hyphen and a random
string to the base instance name. four-character string to the base instance name.
- The base instance name must comply with RFC1035. - The base instance name must comply with RFC1035.
required: true required: true
description: description:
@ -65,29 +67,30 @@ options:
required: false required: false
instance_template: instance_template:
description: description:
- The instance template that is specified for this managed instance group. The group - The instance template that is specified for this managed instance group. The
uses this template to create all new instances in the managed instance group. group uses this template to create all new instances in the managed instance
- 'This field represents a link to a InstanceTemplate resource in GCP. It can be specified group.
in two ways. You can add `register: name-of-resource` to a gcp_compute_instance_template - 'This field represents a link to a InstanceTemplate resource in GCP. It can
be specified in two ways. You can add `register: name-of-resource` to a gcp_compute_instance_template
task and then set this instance_template field to "{{ name-of-resource }}" Alternatively, task and then set this instance_template field to "{{ name-of-resource }}" Alternatively,
you can set this instance_template to a dictionary with the selfLink key where the you can set this instance_template to a dictionary with the selfLink key where
value is the selfLink of your InstanceTemplate.' the value is the selfLink of your InstanceTemplate'
required: true required: true
name: name:
description: description:
- The name of the managed instance group. The name must be 1-63 characters long, and - The name of the managed instance group. The name must be 1-63 characters long,
comply with RFC1035. and comply with RFC1035.
required: true required: true
named_ports: named_ports:
description: description:
- Named ports configured for the Instance Groups complementary to this Instance Group - Named ports configured for the Instance Groups complementary to this Instance
Manager. Group Manager.
required: false required: false
suboptions: suboptions:
name: name:
description: description:
- The name for this named port. The name must be 1-63 characters long, and comply - The name for this named port. The name must be 1-63 characters long, and
with RFC1035. comply with RFC1035.
required: false required: false
port: port:
description: description:
@ -95,14 +98,15 @@ options:
required: false required: false
target_pools: target_pools:
description: description:
- TargetPool resources to which instances in the instanceGroup field are added. The - TargetPool resources to which instances in the instanceGroup field are added.
target pools automatically apply to all of the instances in the managed instance The target pools automatically apply to all of the instances in the managed
group. instance group.
required: false required: false
target_size: target_size:
description: description:
- The target number of running instances for this managed instance group. Deleting - The target number of running instances for this managed instance group. Deleting
or abandoning instances reduces this number. Resizing the group changes this number. or abandoning instances reduces this number. Resizing the group changes this
number.
required: false required: false
zone: zone:
description: description:
@ -189,16 +193,16 @@ RETURN = '''
contains: contains:
abandoning: abandoning:
description: description:
- The total number of instances in the managed instance group that are scheduled to - The total number of instances in the managed instance group that are scheduled
be abandoned. Abandoning an instance removes it from the managed instance group to be abandoned. Abandoning an instance removes it from the managed instance
without deleting it. group without deleting it.
returned: success returned: success
type: int type: int
creating: creating:
description: description:
- The number of instances in the managed instance group that are scheduled to be created - The number of instances in the managed instance group that are scheduled to
or are currently being created. If the group fails to create any of these instances, be created or are currently being created. If the group fails to create any
it tries again until it creates the instance successfully. of these instances, it tries again until it creates the instance successfully.
- If you have disabled creation retries, this field will not be populated; instead, - If you have disabled creation retries, this field will not be populated; instead,
the creatingWithoutRetries field will be populated. the creatingWithoutRetries field will be populated.
returned: success returned: success
@ -206,28 +210,28 @@ RETURN = '''
creatingWithoutRetries: creatingWithoutRetries:
description: description:
- The number of instances that the managed instance group will attempt to create. - The number of instances that the managed instance group will attempt to create.
The group attempts to create each instance only once. If the group fails to create The group attempts to create each instance only once. If the group fails to
any of these instances, it decreases the group's targetSize value accordingly. create any of these instances, it decreases the group's targetSize value accordingly.
returned: success returned: success
type: int type: int
deleting: deleting:
description: description:
- The number of instances in the managed instance group that are scheduled to be deleted - The number of instances in the managed instance group that are scheduled to
or are currently being deleted. be deleted or are currently being deleted.
returned: success returned: success
type: int type: int
none: none:
description: description:
- The number of instances in the managed instance group that are running and have - The number of instances in the managed instance group that are running and
no scheduled actions. have no scheduled actions.
returned: success returned: success
type: int type: int
recreating: recreating:
description: description:
- The number of instances in the managed instance group that are scheduled to be recreated - The number of instances in the managed instance group that are scheduled to
or are currently being being recreated. be recreated or are currently being being recreated.
- Recreating an instance deletes the existing root persistent disk and creates a new - Recreating an instance deletes the existing root persistent disk and creates
disk from the image that is defined in the instance template. a new disk from the image that is defined in the instance template.
returned: success returned: success
type: int type: int
refreshing: refreshing:
@ -239,8 +243,8 @@ RETURN = '''
type: int type: int
restarting: restarting:
description: description:
- The number of instances in the managed instance group that are scheduled to be restarted - The number of instances in the managed instance group that are scheduled to
or are currently being restarted. be restarted or are currently being restarted.
returned: success returned: success
type: int type: int
description: description:
@ -267,14 +271,14 @@ RETURN = '''
type: dict type: dict
name: name:
description: description:
- The name of the managed instance group. The name must be 1-63 characters long, and - The name of the managed instance group. The name must be 1-63 characters long,
comply with RFC1035. and comply with RFC1035.
returned: success returned: success
type: str type: str
namedPorts: namedPorts:
description: description:
- Named ports configured for the Instance Groups complementary to this Instance Group - Named ports configured for the Instance Groups complementary to this Instance
Manager. Group Manager.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -296,8 +300,8 @@ RETURN = '''
type: str type: str
targetPools: targetPools:
description: description:
- TargetPool resources to which instances in the instanceGroup field are added. The - TargetPool resources to which instances in the instanceGroup field are added.
target pools automatically apply to all of the instances in the managed instance The target pools automatically apply to all of the instances in the managed instance
group. group.
returned: success returned: success
type: list type: list
@ -401,7 +405,7 @@ def resource_to_request(module):
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'instanceTemplate': replace_resource_dict(module.params.get(u'instance_template', {}), 'selfLink'), u'instanceTemplate': replace_resource_dict(module.params.get(u'instance_template', {}), 'selfLink'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'namedPorts': InstanceGroupManagerNamedPortsArray(module.params.get('named_ports', []), module).to_request(), u'namedPorts': InstanceGroupManagerNamedportsArray(module.params.get('named_ports', []), module).to_request(),
u'targetPools': replace_resource_dict(module.params.get('target_pools', []), 'selfLink'), u'targetPools': replace_resource_dict(module.params.get('target_pools', []), 'selfLink'),
u'targetSize': module.params.get('target_size') u'targetSize': module.params.get('target_size')
} }
@ -471,13 +475,13 @@ def response_to_hash(module, response):
return { return {
u'baseInstanceName': response.get(u'baseInstanceName'), u'baseInstanceName': response.get(u'baseInstanceName'),
u'creationTimestamp': response.get(u'creationTimestamp'), u'creationTimestamp': response.get(u'creationTimestamp'),
u'currentActions': InstanceGroupManagerCurrentActions(response.get(u'currentActions', {}), module).from_response(), u'currentActions': InstanceGroupManagerCurrentactions(response.get(u'currentActions', {}), module).from_response(),
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'instanceGroup': response.get(u'instanceGroup'), u'instanceGroup': response.get(u'instanceGroup'),
u'instanceTemplate': response.get(u'instanceTemplate'), u'instanceTemplate': response.get(u'instanceTemplate'),
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'namedPorts': InstanceGroupManagerNamedPortsArray(response.get(u'namedPorts', []), module).from_response(), u'namedPorts': InstanceGroupManagerNamedportsArray(response.get(u'namedPorts', []), module).from_response(),
u'region': response.get(u'region'), u'region': response.get(u'region'),
u'targetPools': response.get(u'targetPools'), u'targetPools': response.get(u'targetPools'),
u'targetSize': response.get(u'targetSize') u'targetSize': response.get(u'targetSize')
@ -517,8 +521,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -530,7 +532,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class InstanceGroupManagerCurrentActions(object): class InstanceGroupManagerCurrentactions(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -563,7 +565,7 @@ class InstanceGroupManagerCurrentActions(object):
}) })
class InstanceGroupManagerNamedPortsArray(object): class InstanceGroupManagerNamedportsArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

88
plugins/modules/gcp_compute_instance_group_manager_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
zone: zone:
description: description:
- The zone the managed instance group resides. - The zone the managed instance group resides.
@ -73,9 +72,9 @@ items:
contains: contains:
baseInstanceName: baseInstanceName:
description: description:
- The base instance name to use for instances in this group. The value must be 1-58 - The base instance name to use for instances in this group. The value must
characters long. Instances are named by appending a hyphen and a random four-character be 1-58 characters long. Instances are named by appending a hyphen and a random
string to the base instance name. four-character string to the base instance name.
- The base instance name must comply with RFC1035. - The base instance name must comply with RFC1035.
returned: success returned: success
type: str type: str
@ -93,58 +92,59 @@ items:
contains: contains:
abandoning: abandoning:
description: description:
- The total number of instances in the managed instance group that are scheduled to - The total number of instances in the managed instance group that are scheduled
be abandoned. Abandoning an instance removes it from the managed instance group to be abandoned. Abandoning an instance removes it from the managed instance
without deleting it. group without deleting it.
returned: success returned: success
type: int type: int
creating: creating:
description: description:
- The number of instances in the managed instance group that are scheduled to be created - The number of instances in the managed instance group that are scheduled
or are currently being created. If the group fails to create any of these instances, to be created or are currently being created. If the group fails to create
it tries again until it creates the instance successfully. any of these instances, it tries again until it creates the instance successfully.
- If you have disabled creation retries, this field will not be populated; instead, - If you have disabled creation retries, this field will not be populated;
the creatingWithoutRetries field will be populated. instead, the creatingWithoutRetries field will be populated.
returned: success returned: success
type: int type: int
creatingWithoutRetries: creatingWithoutRetries:
description: description:
- The number of instances that the managed instance group will attempt to create. - The number of instances that the managed instance group will attempt to
The group attempts to create each instance only once. If the group fails to create create. The group attempts to create each instance only once. If the group
any of these instances, it decreases the group's targetSize value accordingly. fails to create any of these instances, it decreases the group's targetSize
value accordingly.
returned: success returned: success
type: int type: int
deleting: deleting:
description: description:
- The number of instances in the managed instance group that are scheduled to be deleted - The number of instances in the managed instance group that are scheduled
or are currently being deleted. to be deleted or are currently being deleted.
returned: success returned: success
type: int type: int
none: none:
description: description:
- The number of instances in the managed instance group that are running and have - The number of instances in the managed instance group that are running
no scheduled actions. and have no scheduled actions.
returned: success returned: success
type: int type: int
recreating: recreating:
description: description:
- The number of instances in the managed instance group that are scheduled to be recreated - The number of instances in the managed instance group that are scheduled
or are currently being being recreated. to be recreated or are currently being being recreated.
- Recreating an instance deletes the existing root persistent disk and creates a new - Recreating an instance deletes the existing root persistent disk and creates
disk from the image that is defined in the instance template. a new disk from the image that is defined in the instance template.
returned: success returned: success
type: int type: int
refreshing: refreshing:
description: description:
- The number of instances in the managed instance group that are being reconfigured - The number of instances in the managed instance group that are being reconfigured
with properties that do not require a restart or a recreate action. For example, with properties that do not require a restart or a recreate action. For
setting or removing target pools for the instance. example, setting or removing target pools for the instance.
returned: success returned: success
type: int type: int
restarting: restarting:
description: description:
- The number of instances in the managed instance group that are scheduled to be restarted - The number of instances in the managed instance group that are scheduled
or are currently being restarted. to be restarted or are currently being restarted.
returned: success returned: success
type: int type: int
description: description:
@ -165,27 +165,28 @@ items:
type: dict type: dict
instanceTemplate: instanceTemplate:
description: description:
- The instance template that is specified for this managed instance group. The group - The instance template that is specified for this managed instance group. The
uses this template to create all new instances in the managed instance group. group uses this template to create all new instances in the managed instance
group.
returned: success returned: success
type: dict type: dict
name: name:
description: description:
- The name of the managed instance group. The name must be 1-63 characters long, and - The name of the managed instance group. The name must be 1-63 characters long,
comply with RFC1035. and comply with RFC1035.
returned: success returned: success
type: str type: str
namedPorts: namedPorts:
description: description:
- Named ports configured for the Instance Groups complementary to this Instance Group - Named ports configured for the Instance Groups complementary to this Instance
Manager. Group Manager.
returned: success returned: success
type: complex type: complex
contains: contains:
name: name:
description: description:
- The name for this named port. The name must be 1-63 characters long, and comply - The name for this named port. The name must be 1-63 characters long, and
with RFC1035. comply with RFC1035.
returned: success returned: success
type: str type: str
port: port:
@ -200,15 +201,16 @@ items:
type: str type: str
targetPools: targetPools:
description: description:
- TargetPool resources to which instances in the instanceGroup field are added. The - TargetPool resources to which instances in the instanceGroup field are added.
target pools automatically apply to all of the instances in the managed instance The target pools automatically apply to all of the instances in the managed
group. instance group.
returned: success returned: success
type: list type: list
targetSize: targetSize:
description: description:
- The target number of running instances for this managed instance group. Deleting - The target number of running instances for this managed instance group. Deleting
or abandoning instances reduces this number. Resizing the group changes this number. or abandoning instances reduces this number. Resizing the group changes this
number.
returned: success returned: success
type: int type: int
zone: zone:
@ -237,7 +239,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

598
plugins/modules/gcp_compute_instance_template.py
View file

File diff suppressed because it is too large Load diff

266
plugins/modules/gcp_compute_instance_template_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -79,7 +78,8 @@ items:
type: str type: str
id: id:
description: description:
- The unique identifier for the resource. This identifier is defined by the server. - The unique identifier for the resource. This identifier is defined by the
server.
returned: success returned: success
type: int type: int
name: name:
@ -95,45 +95,46 @@ items:
contains: contains:
canIpForward: canIpForward:
description: description:
- Enables instances created based on this template to send packets with source IP - Enables instances created based on this template to send packets with
addresses other than their own and receive packets with destination IP addresses source IP addresses other than their own and receive packets with destination
other than their own. If these instances will be used as an IP gateway or it will IP addresses other than their own. If these instances will be used as
be set as the next-hop in a Route resource, specify true. If unsure, leave this an IP gateway or it will be set as the next-hop in a Route resource, specify
set to false. true. If unsure, leave this set to false.
returned: success returned: success
type: bool type: bool
description: description:
description: description:
- An optional text description for the instances that are created from this instance - An optional text description for the instances that are created from this
template. instance template.
returned: success returned: success
type: str type: str
disks: disks:
description: description:
- An array of disks that are associated with the instances that are created from this - An array of disks that are associated with the instances that are created
template. from this template.
returned: success returned: success
type: complex type: complex
contains: contains:
autoDelete: autoDelete:
description: description:
- Specifies whether the disk will be auto-deleted when the instance is deleted (but - Specifies whether the disk will be auto-deleted when the instance
not when the disk is detached from the instance). is deleted (but not when the disk is detached from the instance).
- 'Tip: Disks should be set to autoDelete=true so that leftover disks are not left - 'Tip: Disks should be set to autoDelete=true so that leftover disks
behind on machine deletion.' are not left behind on machine deletion.'
returned: success returned: success
type: bool type: bool
boot: boot:
description: description:
- Indicates that this is a boot disk. The virtual machine will use the first partition - Indicates that this is a boot disk. The virtual machine will use the
of the disk for its root filesystem. first partition of the disk for its root filesystem.
returned: success returned: success
type: bool type: bool
deviceName: deviceName:
description: description:
- Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* - Specifies a unique device name of your choice that is reflected into
tree of a Linux operating system running within the instance. This name can be used the /dev/disk/by-id/google-* tree of a Linux operating system running
to reference the device for mounting, resizing, and so on, from within the instance. within the instance. This name can be used to reference the device
for mounting, resizing, and so on, from within the instance.
returned: success returned: success
type: str type: str
diskEncryptionKey: diskEncryptionKey:
@ -144,41 +145,42 @@ items:
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded
to either encrypt or decrypt this resource. in RFC 4648 base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
rsaEncryptedKey: rsaEncryptedKey:
description: description:
- Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption - Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied
key to either encrypt or decrypt this resource. encryption key to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
that protects this resource. encryption key that protects this resource.
returned: success returned: success
type: str type: str
index: index:
description: description:
- Assigns a zero-based index to this disk, where 0 is reserved for the boot disk. - Assigns a zero-based index to this disk, where 0 is reserved for the
For example, if you have many disks attached to an instance, each disk would have boot disk. For example, if you have many disks attached to an instance,
a unique index number. If not specified, the server will choose an appropriate value. each disk would have a unique index number. If not specified, the
server will choose an appropriate value.
returned: success returned: success
type: int type: int
initializeParams: initializeParams:
description: description:
- Specifies the parameters for a new disk that will be created alongside the new instance. - Specifies the parameters for a new disk that will be created alongside
Use initialization parameters to create boot disks or local SSDs attached to the the new instance. Use initialization parameters to create boot disks
new instance. or local SSDs attached to the new instance.
returned: success returned: success
type: complex type: complex
contains: contains:
diskName: diskName:
description: description:
- Specifies the disk name. If not specified, the default is to use the name of the - Specifies the disk name. If not specified, the default is to use
instance. the name of the instance.
returned: success returned: success
type: str type: str
diskSizeGb: diskSizeGb:
@ -195,60 +197,65 @@ items:
type: str type: str
sourceImage: sourceImage:
description: description:
- The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage - The source image to create this disk. When creating a new instance,
or disks.source is required. To create a disk with one of the public operating one of initializeParams.sourceImage or disks.source is required.
system images, specify the image by its family name. To create a disk with one of the public operating system images,
specify the image by its family name.
returned: success returned: success
type: str type: str
sourceImageEncryptionKey: sourceImageEncryptionKey:
description: description:
- The customer-supplied encryption key of the source image. Required if the source - The customer-supplied encryption key of the source image. Required
image is protected by a customer-supplied encryption key. if the source image is protected by a customer-supplied encryption
- Instance templates do not store customer-supplied encryption keys, so you cannot key.
create disks for instances in a managed instance group if the source images are - Instance templates do not store customer-supplied encryption keys,
encrypted with your own keys. so you cannot create disks for instances in a managed instance
group if the source images are encrypted with your own keys.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded
to either encrypt or decrypt this resource. in RFC 4648 base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
that protects this resource. encryption key that protects this resource.
returned: success returned: success
type: str type: str
interface: interface:
description: description:
- Specifies the disk interface to use for attaching this disk, which is either SCSI - Specifies the disk interface to use for attaching this disk, which
or NVME. The default is SCSI. is either SCSI or NVME. The default is SCSI.
- Persistent disks must always use SCSI and the request will fail if you attempt to - Persistent disks must always use SCSI and the request will fail if
attach a persistent disk in any other format than SCSI. you attempt to attach a persistent disk in any other format than SCSI.
returned: success returned: success
type: str type: str
mode: mode:
description: description:
- The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, - The mode in which to attach this disk, either READ_WRITE or READ_ONLY.
the default is to attach the disk in READ_WRITE mode. If not specified, the default is to attach the disk in READ_WRITE
mode.
returned: success returned: success
type: str type: str
source: source:
description: description:
- Reference to a gcompute_disk resource. When creating a new instance, one of initializeParams.sourceImage - Reference to a gcompute_disk resource. When creating a new instance,
or disks.source is required. one of initializeParams.sourceImage or disks.source is required.
- If desired, you can also attach existing non-root persistent disks using this property. - If desired, you can also attach existing non-root persistent disks
This field is only applicable for persistent disks. using this property. This field is only applicable for persistent
- Note that for InstanceTemplate, specify the disk name, not the URL for the disk. disks.
- Note that for InstanceTemplate, specify the disk name, not the URL
for the disk.
returned: success returned: success
type: dict type: dict
type: type:
description: description:
- Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, - Specifies the type of the disk, either SCRATCH or PERSISTENT. If not
the default is PERSISTENT. specified, the default is PERSISTENT.
returned: success returned: success
type: str type: str
machineType: machineType:
@ -256,15 +263,23 @@ items:
- Reference to a gcompute_machine_type resource. - Reference to a gcompute_machine_type resource.
returned: success returned: success
type: str type: str
minCpuPlatform:
description:
- Specifies a minimum CPU platform for the VM instance. Applicable values
are the friendly names of CPU platforms .
returned: success
type: str
metadata: metadata:
description: description:
- The metadata key/value pairs to assign to instances that are created from this template. - The metadata key/value pairs to assign to instances that are created from
These pairs can consist of custom metadata or predefined keys. this template. These pairs can consist of custom metadata or predefined
keys.
returned: success returned: success
type: dict type: dict
guestAccelerators: guestAccelerators:
description: description:
- List of the type and count of accelerator cards attached to the instance . - List of the type and count of accelerator cards attached to the instance
.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -275,40 +290,42 @@ items:
type: int type: int
acceleratorType: acceleratorType:
description: description:
- Full or partial URL of the accelerator type resource to expose to this instance. - Full or partial URL of the accelerator type resource to expose to
this instance.
returned: success returned: success
type: str type: str
networkInterfaces: networkInterfaces:
description: description:
- An array of configurations for this interface. This specifies how this interface - An array of configurations for this interface. This specifies how this
is configured to interact with other network services, such as connecting to the interface is configured to interact with other network services, such
internet. Only one network interface is supported per instance. as connecting to the internet. Only one network interface is supported
per instance.
returned: success returned: success
type: complex type: complex
contains: contains:
accessConfigs: accessConfigs:
description: description:
- An array of configurations for this interface. Currently, only one access config, - An array of configurations for this interface. Currently, only one
ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs
instance will have no external internet access. specified, then this instance will have no external internet access.
returned: success returned: success
type: complex type: complex
contains: contains:
name: name:
description: description:
- The name of this access configuration. The default and recommended name is External - The name of this access configuration. The default and recommended
NAT but you can use any arbitrary string you would like. For example, My external name is External NAT but you can use any arbitrary string you
IP or Network Access. would like. For example, My external IP or Network Access.
returned: success returned: success
type: str type: str
natIP: natIP:
description: description:
- Specifies the title of a gcompute_address. - Specifies the title of a gcompute_address.
- An external IP address associated with this instance. - An external IP address associated with this instance.
- Specify an unused static external IP address available to the project or leave this - Specify an unused static external IP address available to the
field undefined to use an IP from a shared ephemeral IP address pool. If you specify project or leave this field undefined to use an IP from a shared
a static external IP address, it must live in the same region as the zone of the ephemeral IP address pool. If you specify a static external IP
instance. address, it must live in the same region as the zone of the instance.
returned: success returned: success
type: dict type: dict
type: type:
@ -318,53 +335,57 @@ items:
type: str type: str
aliasIpRanges: aliasIpRanges:
description: description:
- An array of alias IP ranges for this network interface. Can only be specified for - An array of alias IP ranges for this network interface. Can only be
network interfaces on subnet-mode networks. specified for network interfaces on subnet-mode networks.
returned: success returned: success
type: complex type: complex
contains: contains:
ipCidrRange: ipCidrRange:
description: description:
- The IP CIDR range represented by this alias IP range. - The IP CIDR range represented by this alias IP range.
- This IP CIDR range must belong to the specified subnetwork and cannot contain IP - This IP CIDR range must belong to the specified subnetwork and
addresses reserved by system or used by other network interfaces. This range may cannot contain IP addresses reserved by system or used by other
be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string network interfaces. This range may be a single IP address (e.g.
(e.g. 10.1.2.0/24). 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g.
10.1.2.0/24).
returned: success returned: success
type: str type: str
subnetworkRangeName: subnetworkRangeName:
description: description:
- Optional subnetwork secondary range name specifying the secondary range from which - Optional subnetwork secondary range name specifying the secondary
to allocate the IP CIDR range for this alias IP range. If left unspecified, the range from which to allocate the IP CIDR range for this alias
primary range of the subnetwork will be used. IP range. If left unspecified, the primary range of the subnetwork
will be used.
returned: success returned: success
type: str type: str
name: name:
description: description:
- The name of the network interface, generated by the server. For network devices, - The name of the network interface, generated by the server. For network
these are eth0, eth1, etc . devices, these are eth0, eth1, etc .
returned: success returned: success
type: str type: str
network: network:
description: description:
- Specifies the title of an existing gcompute_network. When creating an instance, - Specifies the title of an existing gcompute_network. When creating
if neither the network nor the subnetwork is specified, the default network global/networks/default an instance, if neither the network nor the subnetwork is specified,
is used; if the network is not specified but the subnetwork is specified, the network the default network global/networks/default is used; if the network
is inferred. is not specified but the subnetwork is specified, the network is inferred.
returned: success returned: success
type: dict type: dict
networkIP: networkIP:
description: description:
- An IPv4 internal network address to assign to the instance for this network interface. - An IPv4 internal network address to assign to the instance for this
If not specified by the user, an unused internal IP is assigned by the system. network interface. If not specified by the user, an unused internal
IP is assigned by the system.
returned: success returned: success
type: str type: str
subnetwork: subnetwork:
description: description:
- Reference to a gcompute_subnetwork resource. - Reference to a gcompute_subnetwork resource.
- If the network resource is in legacy mode, do not provide this property. If the - If the network resource is in legacy mode, do not provide this property.
network is in auto subnet mode, providing the subnetwork is optional. If the network If the network is in auto subnet mode, providing the subnetwork is
is in custom subnet mode, then this field should be specified. optional. If the network is in custom subnet mode, then this field
should be specified.
returned: success returned: success
type: dict type: dict
scheduling: scheduling:
@ -375,30 +396,31 @@ items:
contains: contains:
automaticRestart: automaticRestart:
description: description:
- Specifies whether the instance should be automatically restarted if it is terminated - Specifies whether the instance should be automatically restarted if
by Compute Engine (not terminated by a user). it is terminated by Compute Engine (not terminated by a user).
- You can only set the automatic restart option for standard instances. Preemptible - You can only set the automatic restart option for standard instances.
instances cannot be automatically restarted. Preemptible instances cannot be automatically restarted.
returned: success returned: success
type: bool type: bool
onHostMaintenance: onHostMaintenance:
description: description:
- Defines the maintenance behavior for this instance. For standard instances, the - Defines the maintenance behavior for this instance. For standard instances,
default behavior is MIGRATE. For preemptible instances, the default and only possible the default behavior is MIGRATE. For preemptible instances, the default
behavior is TERMINATE. and only possible behavior is TERMINATE.
- For more information, see Setting Instance Scheduling Options. - For more information, see Setting Instance Scheduling Options.
returned: success returned: success
type: str type: str
preemptible: preemptible:
description: description:
- Defines whether the instance is preemptible. This can only be set during instance - Defines whether the instance is preemptible. This can only be set
creation, it cannot be set or changed after the instance has been created. during instance creation, it cannot be set or changed after the instance
has been created.
returned: success returned: success
type: bool type: bool
serviceAccounts: serviceAccounts:
description: description:
- A list of service accounts, with their specified scopes, authorized for this instance. - A list of service accounts, with their specified scopes, authorized for
Only one service account per VM instance is supported. this instance. Only one service account per VM instance is supported.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -414,25 +436,27 @@ items:
type: list type: list
tags: tags:
description: description:
- A list of tags to apply to this instance. Tags are used to identify valid sources - A list of tags to apply to this instance. Tags are used to identify valid
or targets for network firewalls and are specified by the client during instance sources or targets for network firewalls and are specified by the client
creation. The tags can be later modified by the setTags method. Each tag within during instance creation. The tags can be later modified by the setTags
the list must comply with RFC1035. method. Each tag within the list must comply with RFC1035.
returned: success returned: success
type: complex type: complex
contains: contains:
fingerprint: fingerprint:
description: description:
- Specifies a fingerprint for this request, which is essentially a hash of the metadata's - Specifies a fingerprint for this request, which is essentially a hash
contents and used for optimistic locking. of the metadata's contents and used for optimistic locking.
- The fingerprint is initially generated by Compute Engine and changes after every - The fingerprint is initially generated by Compute Engine and changes
request to modify or update metadata. You must always provide an up-to-date fingerprint after every request to modify or update metadata. You must always
hash in order to update or change metadata. provide an up-to-date fingerprint hash in order to update or change
metadata.
returned: success returned: success
type: str type: str
items: items:
description: description:
- An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035. - An array of tags. Each tag must be 1-63 characters long, and comply
with RFC1035.
returned: success returned: success
type: list type: list
''' '''
@ -455,7 +479,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

97
plugins/modules/gcp_compute_network.py
View file

@ -55,8 +55,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -64,46 +66,49 @@ options:
required: false required: false
ipv4_range: ipv4_range:
description: description:
- 'The range of internal addresses that are legal on this network. This range is a - 'The range of internal addresses that are legal on this network. This range
CIDR specification, for example: 192.168.0.0/16. Provided by the client when the is a CIDR specification, for example: 192.168.0.0/16. Provided by the client
network is created.' when the network is created.'
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
auto_create_subnetworks: auto_create_subnetworks:
description: description:
- When set to true, the network is created in "auto subnet mode". When set to false, - When set to true, the network is created in "auto subnet mode". When set to
the network is in "custom subnet mode". false, the network is in "custom subnet mode".
- In "auto subnet mode", a newly created network is assigned the default CIDR of 10.128.0.0/9 - In "auto subnet mode", a newly created network is assigned the default CIDR
and it automatically creates one subnetwork per region. of 10.128.0.0/9 and it automatically creates one subnetwork per region.
required: false required: false
type: bool type: bool
routing_config: routing_config:
description: description:
- The network-level routing configuration for this network. Used by Cloud Router to - The network-level routing configuration for this network. Used by Cloud Router
determine what type of network-wide routing behavior to enforce. to determine what type of network-wide routing behavior to enforce.
required: false required: false
version_added: 2.8 version_added: 2.8
suboptions: suboptions:
routing_mode: routing_mode:
description: description:
- The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers - The network-wide routing mode to use. If set to REGIONAL, this network's
will only advertise routes with subnetworks of this network in the same region as cloud routers will only advertise routes with subnetworks of this network
the router. If set to GLOBAL, this network's cloud routers will advertise routes in the same region as the router. If set to GLOBAL, this network's cloud
with all subnetworks of this network, across regions. routers will advertise routes with all subnetworks of this network, across
regions.
required: true required: true
choices: ['REGIONAL', 'GLOBAL'] choices:
- REGIONAL
- GLOBAL
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/networks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/networks)'
- "Official Documentation: U(https://cloud.google.com/vpc/docs/vpc)" - 'Official Documentation: U(https://cloud.google.com/vpc/docs/vpc)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -138,19 +143,19 @@ RETURN = '''
type: int type: int
ipv4_range: ipv4_range:
description: description:
- 'The range of internal addresses that are legal on this network. This range is a - 'The range of internal addresses that are legal on this network. This range is
CIDR specification, for example: 192.168.0.0/16. Provided by the client when the a CIDR specification, for example: 192.168.0.0/16. Provided by the client when
network is created.' the network is created.'
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
subnetworks: subnetworks:
@ -162,8 +167,8 @@ RETURN = '''
description: description:
- When set to true, the network is created in "auto subnet mode". When set to false, - When set to true, the network is created in "auto subnet mode". When set to false,
the network is in "custom subnet mode". the network is in "custom subnet mode".
- In "auto subnet mode", a newly created network is assigned the default CIDR of 10.128.0.0/9 - In "auto subnet mode", a newly created network is assigned the default CIDR of
and it automatically creates one subnetwork per region. 10.128.0.0/9 and it automatically creates one subnetwork per region.
returned: success returned: success
type: bool type: bool
creationTimestamp: creationTimestamp:
@ -173,17 +178,17 @@ RETURN = '''
type: str type: str
routingConfig: routingConfig:
description: description:
- The network-level routing configuration for this network. Used by Cloud Router to - The network-level routing configuration for this network. Used by Cloud Router
determine what type of network-wide routing behavior to enforce. to determine what type of network-wide routing behavior to enforce.
returned: success returned: success
type: complex type: complex
contains: contains:
routingMode: routingMode:
description: description:
- The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers - The network-wide routing mode to use. If set to REGIONAL, this network's cloud
will only advertise routes with subnetworks of this network in the same region as routers will only advertise routes with subnetworks of this network in the
the router. If set to GLOBAL, this network's cloud routers will advertise routes same region as the router. If set to GLOBAL, this network's cloud routers
with all subnetworks of this network, across regions. will advertise routes with all subnetworks of this network, across regions.
returned: success returned: success
type: str type: str
''' '''
@ -273,7 +278,7 @@ def routing_config_update(module, request, response):
"projects/{project}/regions/{region}/subnetworks/{name}" "projects/{project}/regions/{region}/subnetworks/{name}"
]).format(**module.params), ]).format(**module.params),
{ {
u'routingConfig': NetworkRoutingConfigArray(module.params.get('routing_config', []), module).to_request() u'routingConfig': NetworkRoutingconfigArray(module.params.get('routing_config', []), module).to_request()
} }
) )
@ -290,7 +295,7 @@ def resource_to_request(module):
u'IPv4Range': module.params.get('ipv4_range'), u'IPv4Range': module.params.get('ipv4_range'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'autoCreateSubnetworks': module.params.get('auto_create_subnetworks'), u'autoCreateSubnetworks': module.params.get('auto_create_subnetworks'),
u'routingConfig': NetworkRoutingConfigArray(module.params.get('routing_config', []), module).to_request() u'routingConfig': NetworkRoutingconfigArray(module.params.get('routing_config', []), module).to_request()
} }
return_vals = {} return_vals = {}
for k, v in request.items(): for k, v in request.items():
@ -364,7 +369,7 @@ def response_to_hash(module, response):
u'subnetworks': response.get(u'subnetworks'), u'subnetworks': response.get(u'subnetworks'),
u'autoCreateSubnetworks': module.params.get('auto_create_subnetworks'), u'autoCreateSubnetworks': module.params.get('auto_create_subnetworks'),
u'creationTimestamp': response.get(u'creationTimestamp'), u'creationTimestamp': response.get(u'creationTimestamp'),
u'routingConfig': NetworkRoutingConfigArray(response.get(u'routingConfig', []), module).from_response() u'routingConfig': NetworkRoutingconfigArray(response.get(u'routingConfig', []), module).from_response()
} }
@ -392,8 +397,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -405,7 +408,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class NetworkRoutingConfigArray(object): class NetworkRoutingconfigArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

54
plugins/modules/gcp_compute_network_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -74,9 +73,9 @@ items:
type: str type: str
gateway_ipv4: gateway_ipv4:
description: description:
- A gateway address for default routing to other networks. This value is read only - A gateway address for default routing to other networks. This value is read
and is selected by the Google Compute Engine, typically as the first usable address only and is selected by the Google Compute Engine, typically as the first
in the IPv4Range. usable address in the IPv4Range.
returned: success returned: success
type: str type: str
id: id:
@ -86,19 +85,19 @@ items:
type: int type: int
ipv4_range: ipv4_range:
description: description:
- 'The range of internal addresses that are legal on this network. This range is a - 'The range of internal addresses that are legal on this network. This range
CIDR specification, for example: 192.168.0.0/16. Provided by the client when the is a CIDR specification, for example: 192.168.0.0/16. Provided by the client
network is created.' when the network is created.'
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
subnetworks: subnetworks:
@ -108,10 +107,10 @@ items:
type: list type: list
autoCreateSubnetworks: autoCreateSubnetworks:
description: description:
- When set to true, the network is created in "auto subnet mode". When set to false, - When set to true, the network is created in "auto subnet mode". When set to
the network is in "custom subnet mode". false, the network is in "custom subnet mode".
- In "auto subnet mode", a newly created network is assigned the default CIDR of 10.128.0.0/9 - In "auto subnet mode", a newly created network is assigned the default CIDR
and it automatically creates one subnetwork per region. of 10.128.0.0/9 and it automatically creates one subnetwork per region.
returned: success returned: success
type: bool type: bool
creationTimestamp: creationTimestamp:
@ -121,17 +120,18 @@ items:
type: str type: str
routingConfig: routingConfig:
description: description:
- The network-level routing configuration for this network. Used by Cloud Router to - The network-level routing configuration for this network. Used by Cloud Router
determine what type of network-wide routing behavior to enforce. to determine what type of network-wide routing behavior to enforce.
returned: success returned: success
type: complex type: complex
contains: contains:
routingMode: routingMode:
description: description:
- The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers - The network-wide routing mode to use. If set to REGIONAL, this network's
will only advertise routes with subnetworks of this network in the same region as cloud routers will only advertise routes with subnetworks of this network
the router. If set to GLOBAL, this network's cloud routers will advertise routes in the same region as the router. If set to GLOBAL, this network's cloud
with all subnetworks of this network, across regions. routers will advertise routes with all subnetworks of this network, across
regions.
returned: success returned: success
type: str type: str
''' '''
@ -154,7 +154,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

162
plugins/modules/gcp_compute_region_disk.py
View file

@ -54,8 +54,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -71,20 +73,21 @@ options:
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
size_gb: size_gb:
description: description:
- Size of the persistent disk, specified in GB. You can specify this field when creating - Size of the persistent disk, specified in GB. You can specify this field when
a persistent disk using the sourceImage or sourceSnapshot parameter, or specify creating a persistent disk using the sourceImage or sourceSnapshot parameter,
it alone to create an empty persistent disk. or specify it alone to create an empty persistent disk.
- If you specify this field along with sourceImage or sourceSnapshot, the value of - If you specify this field along with sourceImage or sourceSnapshot, the value
sizeGb must not be less than the size of the sourceImage or the size of the snapshot. of sizeGb must not be less than the size of the sourceImage or the size of the
snapshot.
required: false required: false
replica_zones: replica_zones:
description: description:
@ -92,8 +95,8 @@ options:
required: true required: true
type: type:
description: description:
- URL of the disk type resource describing which disk type to use to create the disk. - URL of the disk type resource describing which disk type to use to create the
Provide this when creating the disk. disk. Provide this when creating the disk.
required: false required: false
region: region:
description: description:
@ -102,57 +105,55 @@ options:
disk_encryption_key: disk_encryption_key:
description: description:
- Encrypts the disk using a customer-supplied encryption key. - Encrypts the disk using a customer-supplied encryption key.
- After you encrypt a disk with a customer-supplied key, you must provide the same - After you encrypt a disk with a customer-supplied key, you must provide the
key if you use the disk later (e.g. to create a disk snapshot or an image, or to same key if you use the disk later (e.g. to create a disk snapshot or an image,
attach the disk to a virtual machine). or to attach the disk to a virtual machine).
- Customer-supplied encryption keys do not protect access to metadata of the disk. - Customer-supplied encryption keys do not protect access to metadata of the disk.
- If you do not provide an encryption key when creating the disk, then the disk will - If you do not provide an encryption key when creating the disk, then the disk
be encrypted using an automatically generated key and you do not need to provide will be encrypted using an automatically generated key and you do not need to
a key to use the disk later. provide a key to use the disk later.
required: false required: false
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
source_snapshot: source_snapshot:
description: description:
- 'The source snapshot used to create this disk. You can provide this as a partial or - The source snapshot used to create this disk. You can provide this as a partial
full URL to the resource. For example, the following are valid values: * or full URL to the resource.
`U(https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot`)
* `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` .'
- 'This field represents a link to a Snapshot resource in GCP. It can be specified - 'This field represents a link to a Snapshot resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_snapshot in two ways. You can add `register: name-of-resource` to a gcp_compute_snapshot
task and then set this source_snapshot field to "{{ name-of-resource }}" Alternatively, task and then set this source_snapshot field to "{{ name-of-resource }}" Alternatively,
you can set this source_snapshot to a dictionary with the selfLink key where the you can set this source_snapshot to a dictionary with the selfLink key where
value is the selfLink of your Snapshot.' the value is the selfLink of your Snapshot'
required: false required: false
source_snapshot_encryption_key: source_snapshot_encryption_key:
description: description:
- The customer-supplied encryption key of the source snapshot. Required if the source - The customer-supplied encryption key of the source snapshot. Required if the
snapshot is protected by a customer-supplied encryption key. source snapshot is protected by a customer-supplied encryption key.
required: false required: false
suboptions: suboptions:
raw_key: raw_key:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
required: false required: false
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/beta/regionDisks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/beta/regionDisks)'
- "Adding or Resizing Regional Persistent Disks: U(https://cloud.google.com/compute/docs/disks/regional-persistent-disk)" - 'Adding or Resizing Regional Persistent Disks: U(https://cloud.google.com/compute/docs/disks/regional-persistent-disk)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -175,8 +176,8 @@ EXAMPLES = '''
RETURN = ''' RETURN = '''
labelFingerprint: labelFingerprint:
description: description:
- The fingerprint used for optimistic locking of this resource. Used internally during - The fingerprint used for optimistic locking of this resource. Used internally
updates. during updates.
returned: success returned: success
type: str type: str
creationTimestamp: creationTimestamp:
@ -217,21 +218,22 @@ RETURN = '''
type: list type: list
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
sizeGb: sizeGb:
description: description:
- Size of the persistent disk, specified in GB. You can specify this field when creating - Size of the persistent disk, specified in GB. You can specify this field when
a persistent disk using the sourceImage or sourceSnapshot parameter, or specify creating a persistent disk using the sourceImage or sourceSnapshot parameter,
it alone to create an empty persistent disk. or specify it alone to create an empty persistent disk.
- If you specify this field along with sourceImage or sourceSnapshot, the value of - If you specify this field along with sourceImage or sourceSnapshot, the value
sizeGb must not be less than the size of the sourceImage or the size of the snapshot. of sizeGb must not be less than the size of the sourceImage or the size of the
snapshot.
returned: success returned: success
type: int type: int
users: users:
@ -247,8 +249,8 @@ RETURN = '''
type: list type: list
type: type:
description: description:
- URL of the disk type resource describing which disk type to use to create the disk. - URL of the disk type resource describing which disk type to use to create the
Provide this when creating the disk. disk. Provide this when creating the disk.
returned: success returned: success
type: str type: str
region: region:
@ -260,33 +262,31 @@ RETURN = '''
description: description:
- Encrypts the disk using a customer-supplied encryption key. - Encrypts the disk using a customer-supplied encryption key.
- After you encrypt a disk with a customer-supplied key, you must provide the same - After you encrypt a disk with a customer-supplied key, you must provide the same
key if you use the disk later (e.g. to create a disk snapshot or an image, or to key if you use the disk later (e.g. to create a disk snapshot or an image, or
attach the disk to a virtual machine). to attach the disk to a virtual machine).
- Customer-supplied encryption keys do not protect access to metadata of the disk. - Customer-supplied encryption keys do not protect access to metadata of the disk.
- If you do not provide an encryption key when creating the disk, then the disk will - If you do not provide an encryption key when creating the disk, then the disk
be encrypted using an automatically generated key and you do not need to provide will be encrypted using an automatically generated key and you do not need to
a key to use the disk later. provide a key to use the disk later.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshot: sourceSnapshot:
description: description:
- 'The source snapshot used to create this disk. You can provide this as a partial or - The source snapshot used to create this disk. You can provide this as a partial
full URL to the resource. For example, the following are valid values: * or full URL to the resource.
`U(https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot`)
* `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` .'
returned: success returned: success
type: dict type: dict
sourceSnapshotEncryptionKey: sourceSnapshotEncryptionKey:
@ -298,23 +298,23 @@ RETURN = '''
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshotId: sourceSnapshotId:
description: description:
- The unique ID of the snapshot used to create this disk. This value identifies the - The unique ID of the snapshot used to create this disk. This value identifies
exact snapshot that was used to create this persistent disk. For example, if you the exact snapshot that was used to create this persistent disk. For example,
created the persistent disk from a snapshot that was later deleted and recreated if you created the persistent disk from a snapshot that was later deleted and
under the same name, the source snapshot ID would identify the exact version of recreated under the same name, the source snapshot ID would identify the exact
the snapshot that was used. version of the snapshot that was used.
returned: success returned: success
type: str type: str
''' '''
@ -443,8 +443,8 @@ def delete(module, link, kind):
def resource_to_request(module): def resource_to_request(module):
request = { request = {
u'kind': 'compute#disk', u'kind': 'compute#disk',
u'diskEncryptionKey': RegionDiskDiskEncryptionKey(module.params.get('disk_encryption_key', {}), module).to_request(), u'diskEncryptionKey': RegionDiskDiskencryptionkey(module.params.get('disk_encryption_key', {}), module).to_request(),
u'sourceSnapshotEncryptionKey': RegionDiskSourceSnapshotEncryptionKey(module.params.get('source_snapshot_encryption_key', {}), module).to_request(), u'sourceSnapshotEncryptionKey': RegionDiskSourcesnapshotencryptionkey(module.params.get('source_snapshot_encryption_key', {}), module).to_request(),
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'labels': module.params.get('labels'), u'labels': module.params.get('labels'),
u'licenses': module.params.get('licenses'), u'licenses': module.params.get('licenses'),
@ -575,8 +575,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -588,7 +586,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class RegionDiskDiskEncryptionKey(object): class RegionDiskDiskencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -609,7 +607,7 @@ class RegionDiskDiskEncryptionKey(object):
}) })
class RegionDiskSourceSnapshotEncryptionKey(object): class RegionDiskSourcesnapshotencryptionkey(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

91
plugins/modules/gcp_compute_region_disk_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- A reference to the region where the disk resides. - A reference to the region where the disk resides.
@ -73,8 +72,8 @@ items:
contains: contains:
labelFingerprint: labelFingerprint:
description: description:
- The fingerprint used for optimistic locking of this resource. Used internally during - The fingerprint used for optimistic locking of this resource. Used internally
updates. during updates.
returned: success returned: success
type: str type: str
creationTimestamp: creationTimestamp:
@ -115,21 +114,22 @@ items:
type: list type: list
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
sizeGb: sizeGb:
description: description:
- Size of the persistent disk, specified in GB. You can specify this field when creating - Size of the persistent disk, specified in GB. You can specify this field when
a persistent disk using the sourceImage or sourceSnapshot parameter, or specify creating a persistent disk using the sourceImage or sourceSnapshot parameter,
it alone to create an empty persistent disk. or specify it alone to create an empty persistent disk.
- If you specify this field along with sourceImage or sourceSnapshot, the value of - If you specify this field along with sourceImage or sourceSnapshot, the value
sizeGb must not be less than the size of the sourceImage or the size of the snapshot. of sizeGb must not be less than the size of the sourceImage or the size of
the snapshot.
returned: success returned: success
type: int type: int
users: users:
@ -145,8 +145,8 @@ items:
type: list type: list
type: type:
description: description:
- URL of the disk type resource describing which disk type to use to create the disk. - URL of the disk type resource describing which disk type to use to create
Provide this when creating the disk. the disk. Provide this when creating the disk.
returned: success returned: success
type: str type: str
region: region:
@ -157,62 +157,61 @@ items:
diskEncryptionKey: diskEncryptionKey:
description: description:
- Encrypts the disk using a customer-supplied encryption key. - Encrypts the disk using a customer-supplied encryption key.
- After you encrypt a disk with a customer-supplied key, you must provide the same - After you encrypt a disk with a customer-supplied key, you must provide the
key if you use the disk later (e.g. to create a disk snapshot or an image, or to same key if you use the disk later (e.g. to create a disk snapshot or an image,
attach the disk to a virtual machine). or to attach the disk to a virtual machine).
- Customer-supplied encryption keys do not protect access to metadata of the disk. - Customer-supplied encryption keys do not protect access to metadata of the
- If you do not provide an encryption key when creating the disk, then the disk will disk.
be encrypted using an automatically generated key and you do not need to provide - If you do not provide an encryption key when creating the disk, then the disk
a key to use the disk later. will be encrypted using an automatically generated key and you do not need
to provide a key to use the disk later.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshot: sourceSnapshot:
description: description:
- 'The source snapshot used to create this disk. You can provide this as a partial - The source snapshot used to create this disk. You can provide this as a partial
or full URL to the resource. For example, the following are valid values: * or full URL to the resource.
`U(https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot`)
* `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot` .'
returned: success returned: success
type: dict type: dict
sourceSnapshotEncryptionKey: sourceSnapshotEncryptionKey:
description: description:
- The customer-supplied encryption key of the source snapshot. Required if the source - The customer-supplied encryption key of the source snapshot. Required if the
snapshot is protected by a customer-supplied encryption key. source snapshot is protected by a customer-supplied encryption key.
returned: success returned: success
type: complex type: complex
contains: contains:
rawKey: rawKey:
description: description:
- Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 - Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648
to either encrypt or decrypt this resource. base64 to either encrypt or decrypt this resource.
returned: success returned: success
type: str type: str
sha256: sha256:
description: description:
- The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key - The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption
that protects this resource. key that protects this resource.
returned: success returned: success
type: str type: str
sourceSnapshotId: sourceSnapshotId:
description: description:
- The unique ID of the snapshot used to create this disk. This value identifies the - The unique ID of the snapshot used to create this disk. This value identifies
exact snapshot that was used to create this persistent disk. For example, if you the exact snapshot that was used to create this persistent disk. For example,
created the persistent disk from a snapshot that was later deleted and recreated if you created the persistent disk from a snapshot that was later deleted
under the same name, the source snapshot ID would identify the exact version of and recreated under the same name, the source snapshot ID would identify the
the snapshot that was used. exact version of the snapshot that was used.
returned: success returned: success
type: str type: str
''' '''
@ -236,7 +235,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

52
plugins/modules/gcp_compute_route.py
View file

@ -59,8 +59,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
dest_range: dest_range:
description: description:
- The destination range of outgoing packets that this route applies to. - The destination range of outgoing packets that this route applies to.
@ -74,21 +76,21 @@ options:
version_added: 2.7 version_added: 2.7
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
network: network:
description: description:
- The network that this route applies to. - The network that this route applies to.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: true required: true
priority: priority:
description: description:
@ -105,8 +107,8 @@ options:
next_hop_gateway: next_hop_gateway:
description: description:
- URL to a gateway that should handle matching packets. - URL to a gateway that should handle matching packets.
- 'Currently, you can only specify the internet gateway, using a full or partial valid - 'Currently, you can only specify the internet gateway, using a full or partial
URL: * U(https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway) valid URL: * U(https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway)
* projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway
.' .'
required: false required: false
@ -127,8 +129,8 @@ options:
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/routes)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/routes)'
- "Using Routes: U(https://cloud.google.com/vpc/docs/using-routes)" - 'Using Routes: U(https://cloud.google.com/vpc/docs/using-routes)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -171,12 +173,12 @@ RETURN = '''
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
@ -201,8 +203,8 @@ RETURN = '''
nextHopGateway: nextHopGateway:
description: description:
- URL to a gateway that should handle matching packets. - URL to a gateway that should handle matching packets.
- 'Currently, you can only specify the internet gateway, using a full or partial valid - 'Currently, you can only specify the internet gateway, using a full or partial
URL: * U(https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway) valid URL: * U(https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway)
* projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway
.' .'
returned: success returned: success
@ -425,8 +427,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

29
plugins/modules/gcp_compute_route_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -80,12 +79,12 @@ items:
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
@ -95,8 +94,8 @@ items:
type: dict type: dict
priority: priority:
description: description:
- The priority of this route. Priority is used to break ties in cases where there - The priority of this route. Priority is used to break ties in cases where
is more than one matching route of equal prefix length. there is more than one matching route of equal prefix length.
- In the case of two routes with equal prefix length, the one with the lowest-numbered - In the case of two routes with equal prefix length, the one with the lowest-numbered
priority value wins. priority value wins.
- Default value is 1000. Valid range is 0 through 65535. - Default value is 1000. Valid range is 0 through 65535.
@ -110,8 +109,8 @@ items:
nextHopGateway: nextHopGateway:
description: description:
- URL to a gateway that should handle matching packets. - URL to a gateway that should handle matching packets.
- 'Currently, you can only specify the internet gateway, using a full or partial valid - 'Currently, you can only specify the internet gateway, using a full or partial
URL: * U(https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway) valid URL: * U(https://www.googleapis.com/compute/v1/projects/project/global/gateways/default-internet-gateway)
* projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway
.' .'
returned: success returned: success
@ -159,7 +158,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

79
plugins/modules/gcp_compute_router.py
View file

@ -44,15 +44,17 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. - Name of the resource. The name must be 1-63 characters long, and comply with
Specifically, the name must be 1-63 characters long and match the regular expression RFC1035. Specifically, the name must be 1-63 characters long and match the regular
`[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must
letter, and all following characters must be a dash, lowercase letter, or digit, be a lowercase letter, and all following characters must be a dash, lowercase
except the last character, which cannot be a dash. letter, or digit, except the last character, which cannot be a dash.
required: true required: true
description: description:
description: description:
@ -62,10 +64,10 @@ options:
description: description:
- A reference to the network to which this router belongs. - A reference to the network to which this router belongs.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: true required: true
bgp: bgp:
description: description:
@ -74,9 +76,9 @@ options:
suboptions: suboptions:
asn: asn:
description: description:
- Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either - Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN,
16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels either 16-bit or 32-bit. The value will be fixed for this router resource.
that link to this router will have the same local ASN. All VPN tunnels that link to this router will have the same local ASN.
required: true required: true
advertise_mode: advertise_mode:
description: description:
@ -84,20 +86,24 @@ options:
- 'Valid values of this enum field are: DEFAULT, CUSTOM .' - 'Valid values of this enum field are: DEFAULT, CUSTOM .'
required: false required: false
default: DEFAULT default: DEFAULT
choices: ['DEFAULT', 'CUSTOM'] choices:
- DEFAULT
- CUSTOM
advertised_groups: advertised_groups:
description: description:
- User-specified list of prefix groups to advertise in custom mode. - User-specified list of prefix groups to advertise in custom mode.
- This field can only be populated if advertiseMode is CUSTOM and is advertised to - This field can only be populated if advertiseMode is CUSTOM and is advertised
all peers of the router. These groups will be advertised in addition to any specified to all peers of the router. These groups will be advertised in addition
prefixes. Leave this field blank to advertise no custom groups. to any specified prefixes. Leave this field blank to advertise no custom
groups.
- 'This enum field has the one valid value: ALL_SUBNETS .' - 'This enum field has the one valid value: ALL_SUBNETS .'
required: false required: false
advertised_ip_ranges: advertised_ip_ranges:
description: description:
- User-specified list of individual IP ranges to advertise in custom mode. This field - User-specified list of individual IP ranges to advertise in custom mode.
can only be populated if advertiseMode is CUSTOM and is advertised to all peers This field can only be populated if advertiseMode is CUSTOM and is advertised
of the router. These IP ranges will be advertised in addition to any specified groups. to all peers of the router. These IP ranges will be advertised in addition
to any specified groups.
- Leave this field blank to advertise no custom IP ranges. - Leave this field blank to advertise no custom IP ranges.
required: false required: false
suboptions: suboptions:
@ -115,8 +121,8 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/routers)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/routers)'
- "Google Cloud Router: U(https://cloud.google.com/router/docs/)" - 'Google Cloud Router: U(https://cloud.google.com/router/docs/)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -186,9 +192,9 @@ RETURN = '''
contains: contains:
asn: asn:
description: description:
- Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either - Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN,
16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels either 16-bit or 32-bit. The value will be fixed for this router resource.
that link to this router will have the same local ASN. All VPN tunnels that link to this router will have the same local ASN.
returned: success returned: success
type: int type: int
advertiseMode: advertiseMode:
@ -200,17 +206,18 @@ RETURN = '''
advertisedGroups: advertisedGroups:
description: description:
- User-specified list of prefix groups to advertise in custom mode. - User-specified list of prefix groups to advertise in custom mode.
- This field can only be populated if advertiseMode is CUSTOM and is advertised to - This field can only be populated if advertiseMode is CUSTOM and is advertised
all peers of the router. These groups will be advertised in addition to any specified to all peers of the router. These groups will be advertised in addition to
prefixes. Leave this field blank to advertise no custom groups. any specified prefixes. Leave this field blank to advertise no custom groups.
- 'This enum field has the one valid value: ALL_SUBNETS .' - 'This enum field has the one valid value: ALL_SUBNETS .'
returned: success returned: success
type: list type: list
advertisedIpRanges: advertisedIpRanges:
description: description:
- User-specified list of individual IP ranges to advertise in custom mode. This field - User-specified list of individual IP ranges to advertise in custom mode. This
can only be populated if advertiseMode is CUSTOM and is advertised to all peers field can only be populated if advertiseMode is CUSTOM and is advertised to
of the router. These IP ranges will be advertised in addition to any specified groups. all peers of the router. These IP ranges will be advertised in addition to
any specified groups.
- Leave this field blank to advertise no custom IP ranges. - Leave this field blank to advertise no custom IP ranges.
returned: success returned: success
type: complex type: complex
@ -419,8 +426,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -445,7 +450,7 @@ class RouterBgp(object):
u'asn': self.request.get('asn'), u'asn': self.request.get('asn'),
u'advertiseMode': self.request.get('advertise_mode'), u'advertiseMode': self.request.get('advertise_mode'),
u'advertisedGroups': self.request.get('advertised_groups'), u'advertisedGroups': self.request.get('advertised_groups'),
u'advertisedIpRanges': RouterAdvertisedIpRangesArray(self.request.get('advertised_ip_ranges', []), self.module).to_request() u'advertisedIpRanges': RouterAdvertisediprangesArray(self.request.get('advertised_ip_ranges', []), self.module).to_request()
}) })
def from_response(self): def from_response(self):
@ -453,11 +458,11 @@ class RouterBgp(object):
u'asn': self.request.get(u'asn'), u'asn': self.request.get(u'asn'),
u'advertiseMode': self.request.get(u'advertiseMode'), u'advertiseMode': self.request.get(u'advertiseMode'),
u'advertisedGroups': self.request.get(u'advertisedGroups'), u'advertisedGroups': self.request.get(u'advertisedGroups'),
u'advertisedIpRanges': RouterAdvertisedIpRangesArray(self.request.get(u'advertisedIpRanges', []), self.module).from_response() u'advertisedIpRanges': RouterAdvertisediprangesArray(self.request.get(u'advertisedIpRanges', []), self.module).from_response()
}) })
class RouterAdvertisedIpRangesArray(object): class RouterAdvertisediprangesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

39
plugins/modules/gcp_compute_router_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- Region where the router resides. - Region where the router resides.
@ -83,11 +82,11 @@ items:
type: str type: str
name: name:
description: description:
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. - Name of the resource. The name must be 1-63 characters long, and comply with
Specifically, the name must be 1-63 characters long and match the regular expression RFC1035. Specifically, the name must be 1-63 characters long and match the
`[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character
letter, and all following characters must be a dash, lowercase letter, or digit, must be a lowercase letter, and all following characters must be a dash, lowercase
except the last character, which cannot be a dash. letter, or digit, except the last character, which cannot be a dash.
returned: success returned: success
type: str type: str
description: description:
@ -108,9 +107,9 @@ items:
contains: contains:
asn: asn:
description: description:
- Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either - Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN,
16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels either 16-bit or 32-bit. The value will be fixed for this router resource.
that link to this router will have the same local ASN. All VPN tunnels that link to this router will have the same local ASN.
returned: success returned: success
type: int type: int
advertiseMode: advertiseMode:
@ -122,17 +121,19 @@ items:
advertisedGroups: advertisedGroups:
description: description:
- User-specified list of prefix groups to advertise in custom mode. - User-specified list of prefix groups to advertise in custom mode.
- This field can only be populated if advertiseMode is CUSTOM and is advertised to - This field can only be populated if advertiseMode is CUSTOM and is advertised
all peers of the router. These groups will be advertised in addition to any specified to all peers of the router. These groups will be advertised in addition
prefixes. Leave this field blank to advertise no custom groups. to any specified prefixes. Leave this field blank to advertise no custom
groups.
- 'This enum field has the one valid value: ALL_SUBNETS .' - 'This enum field has the one valid value: ALL_SUBNETS .'
returned: success returned: success
type: list type: list
advertisedIpRanges: advertisedIpRanges:
description: description:
- User-specified list of individual IP ranges to advertise in custom mode. This field - User-specified list of individual IP ranges to advertise in custom mode.
can only be populated if advertiseMode is CUSTOM and is advertised to all peers This field can only be populated if advertiseMode is CUSTOM and is advertised
of the router. These IP ranges will be advertised in addition to any specified groups. to all peers of the router. These IP ranges will be advertised in addition
to any specified groups.
- Leave this field blank to advertise no custom IP ranges. - Leave this field blank to advertise no custom IP ranges.
returned: success returned: success
type: complex type: complex
@ -173,7 +174,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

36
plugins/modules/gcp_compute_ssl_certificate.py
View file

@ -46,8 +46,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
certificate: certificate:
description: description:
- The certificate in PEM format. - The certificate in PEM format.
@ -60,12 +62,12 @@ options:
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: false required: false
private_key: private_key:
description: description:
@ -73,8 +75,8 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates)'
- "Official Documentation: U(https://cloud.google.com/load-balancing/docs/ssl-certificates)" - 'Official Documentation: U(https://cloud.google.com/load-balancing/docs/ssl-certificates)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -137,12 +139,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
privateKey: privateKey:
@ -328,8 +330,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

21
plugins/modules/gcp_compute_ssl_certificate_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -90,12 +89,12 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
privateKey: privateKey:
@ -123,7 +122,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

65
plugins/modules/gcp_compute_ssl_policy.py
View file

@ -45,35 +45,45 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
profile: profile:
description: description:
- Profile specifies the set of SSL features that can be used by the load balancer - Profile specifies the set of SSL features that can be used by the load balancer
when negotiating SSL with clients. This can be one of `COMPATIBLE`, `MODERN`, `RESTRICTED`, when negotiating SSL with clients. This can be one of `COMPATIBLE`, `MODERN`,
or `CUSTOM`. If using `CUSTOM`, the set of SSL features to enable must be specified `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`, the set of SSL features to enable
in the `customFeatures` field. must be specified in the `customFeatures` field.
required: false required: false
choices: ['COMPATIBLE', 'MODERN', 'RESTRICTED', 'CUSTOM'] choices:
- COMPATIBLE
- MODERN
- RESTRICTED
- CUSTOM
min_tls_version: min_tls_version:
description: description:
- The minimum version of SSL protocol that can be used by the clients to establish - The minimum version of SSL protocol that can be used by the clients to establish
a connection with the load balancer. This can be one of `TLS_1_0`, `TLS_1_1`, `TLS_1_2`. a connection with the load balancer. This can be one of `TLS_1_0`, `TLS_1_1`,
`TLS_1_2`.
required: false required: false
choices: ['TLS_1_0', 'TLS_1_1', 'TLS_1_2'] choices:
- TLS_1_0
- TLS_1_1
- TLS_1_2
custom_features: custom_features:
description: description:
- A list of features enabled when the selected profile is CUSTOM. The method returns - A list of features enabled when the selected profile is CUSTOM. The method returns
@ -82,8 +92,8 @@ options:
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies)'
- "Using SSL Policies: U(https://cloud.google.com/compute/docs/load-balancing/ssl-policies)" - 'Using SSL Policies: U(https://cloud.google.com/compute/docs/load-balancing/ssl-policies)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -119,26 +129,27 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
profile: profile:
description: description:
- Profile specifies the set of SSL features that can be used by the load balancer - Profile specifies the set of SSL features that can be used by the load balancer
when negotiating SSL with clients. This can be one of `COMPATIBLE`, `MODERN`, `RESTRICTED`, when negotiating SSL with clients. This can be one of `COMPATIBLE`, `MODERN`,
or `CUSTOM`. If using `CUSTOM`, the set of SSL features to enable must be specified `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`, the set of SSL features to enable
in the `customFeatures` field. must be specified in the `customFeatures` field.
returned: success returned: success
type: str type: str
minTlsVersion: minTlsVersion:
description: description:
- The minimum version of SSL protocol that can be used by the clients to establish - The minimum version of SSL protocol that can be used by the clients to establish
a connection with the load balancer. This can be one of `TLS_1_0`, `TLS_1_1`, `TLS_1_2`. a connection with the load balancer. This can be one of `TLS_1_0`, `TLS_1_1`,
`TLS_1_2`.
returned: success returned: success
type: str type: str
enabledFeatures: enabledFeatures:
@ -361,8 +372,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

44
plugins/modules/gcp_compute_ssl_policy_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -83,26 +82,27 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
profile: profile:
description: description:
- Profile specifies the set of SSL features that can be used by the load balancer - Profile specifies the set of SSL features that can be used by the load balancer
when negotiating SSL with clients. This can be one of `COMPATIBLE`, `MODERN`, `RESTRICTED`, when negotiating SSL with clients. This can be one of `COMPATIBLE`, `MODERN`,
or `CUSTOM`. If using `CUSTOM`, the set of SSL features to enable must be specified `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`, the set of SSL features to enable
in the `customFeatures` field. must be specified in the `customFeatures` field.
returned: success returned: success
type: str type: str
minTlsVersion: minTlsVersion:
description: description:
- The minimum version of SSL protocol that can be used by the clients to establish - The minimum version of SSL protocol that can be used by the clients to establish
a connection with the load balancer. This can be one of `TLS_1_0`, `TLS_1_1`, `TLS_1_2`. a connection with the load balancer. This can be one of `TLS_1_0`, `TLS_1_1`,
`TLS_1_2`.
returned: success returned: success
type: str type: str
enabledFeatures: enabledFeatures:
@ -112,21 +112,21 @@ items:
type: list type: list
customFeatures: customFeatures:
description: description:
- A list of features enabled when the selected profile is CUSTOM. The method returns - A list of features enabled when the selected profile is CUSTOM. The method
the set of features that can be specified in this list. This field must be empty returns the set of features that can be specified in this list. This field
if the profile is not CUSTOM. must be empty if the profile is not CUSTOM.
returned: success returned: success
type: list type: list
fingerprint: fingerprint:
description: description:
- Fingerprint of this resource. A hash of the contents stored in this object. This - Fingerprint of this resource. A hash of the contents stored in this object.
field is used in optimistic locking. This field is used in optimistic locking.
returned: success returned: success
type: str type: str
warnings: warnings:
description: description:
- If potential misconfigurations are detected for this SSL policy, this field will - If potential misconfigurations are detected for this SSL policy, this field
be populated with warning messages. will be populated with warning messages.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -160,7 +160,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

104
plugins/modules/gcp_compute_subnetwork.py
View file

@ -60,8 +60,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this resource. Provide this property when you create
@ -70,28 +72,28 @@ options:
ip_cidr_range: ip_cidr_range:
description: description:
- The range of internal addresses that are owned by this subnetwork. - The range of internal addresses that are owned by this subnetwork.
- Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or - Provide this property when you create the subnetwork. For example, 10.0.0.0/8
192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network.
IPv4 is supported. Only IPv4 is supported.
required: true required: true
name: name:
description: description:
- The name of the resource, provided by the client when initially creating the resource. - The name of the resource, provided by the client when initially creating the
The name must be 1-63 characters long, and comply with RFC1035. Specifically, the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically,
name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
network: network:
description: description:
- The network this subnet belongs to. - The network this subnet belongs to.
- Only networks that are in the distributed mode can have subnetworks. - Only networks that are in the distributed mode can have subnetworks.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: true required: true
enable_flow_logs: enable_flow_logs:
description: description:
@ -101,24 +103,24 @@ options:
version_added: 2.8 version_added: 2.8
secondary_ip_ranges: secondary_ip_ranges:
description: description:
- An array of configurations for secondary IP ranges for VM instances contained in - An array of configurations for secondary IP ranges for VM instances contained
this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange
of the subnetwork. The alias IPs may belong to either primary or secondary ranges. of the subnetwork. The alias IPs may belong to either primary or secondary ranges.
required: false required: false
version_added: 2.8 version_added: 2.8
suboptions: suboptions:
range_name: range_name:
description: description:
- The name associated with this subnetwork secondary range, used when adding an alias - The name associated with this subnetwork secondary range, used when adding
IP range to a VM instance. The name must be 1-63 characters long, and comply with an alias IP range to a VM instance. The name must be 1-63 characters long,
RFC1035. The name must be unique within the subnetwork. and comply with RFC1035. The name must be unique within the subnetwork.
required: true required: true
ip_cidr_range: ip_cidr_range:
description: description:
- The range of IP addresses belonging to this subnetwork secondary range. Provide - The range of IP addresses belonging to this subnetwork secondary range.
this property when you create the subnetwork. Provide this property when you create the subnetwork.
- Ranges must be unique and non-overlapping with all primary and secondary IP ranges - Ranges must be unique and non-overlapping with all primary and secondary
within a network. Only IPv4 is supported. IP ranges within a network. Only IPv4 is supported.
required: true required: true
private_ip_google_access: private_ip_google_access:
description: description:
@ -132,9 +134,9 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/beta/subnetworks)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/beta/subnetworks)'
- "Private Google Access: U(https://cloud.google.com/vpc/docs/configure-private-google-access)" - 'Private Google Access: U(https://cloud.google.com/vpc/docs/configure-private-google-access)'
- "Cloud Networking: U(https://cloud.google.com/vpc/docs/using-vpc)" - 'Cloud Networking: U(https://cloud.google.com/vpc/docs/using-vpc)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -174,8 +176,8 @@ RETURN = '''
type: str type: str
gatewayAddress: gatewayAddress:
description: description:
- The gateway address for default routes to reach destination addresses outside this - The gateway address for default routes to reach destination addresses outside
subnetwork. this subnetwork.
returned: success returned: success
type: str type: str
id: id:
@ -186,19 +188,19 @@ RETURN = '''
ipCidrRange: ipCidrRange:
description: description:
- The range of internal addresses that are owned by this subnetwork. - The range of internal addresses that are owned by this subnetwork.
- Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or - Provide this property when you create the subnetwork. For example, 10.0.0.0/8
192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network.
IPv4 is supported. Only IPv4 is supported.
returned: success returned: success
type: str type: str
name: name:
description: description:
- The name of the resource, provided by the client when initially creating the resource. - The name of the resource, provided by the client when initially creating the resource.
The name must be 1-63 characters long, and comply with RFC1035. Specifically, the The name must be 1-63 characters long, and comply with RFC1035. Specifically,
name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
@ -214,31 +216,31 @@ RETURN = '''
type: bool type: bool
fingerprint: fingerprint:
description: description:
- Fingerprint of this resource. This field is used internally during updates of this - Fingerprint of this resource. This field is used internally during updates of
resource. this resource.
returned: success returned: success
type: str type: str
secondaryIpRanges: secondaryIpRanges:
description: description:
- An array of configurations for secondary IP ranges for VM instances contained in - An array of configurations for secondary IP ranges for VM instances contained
this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange
of the subnetwork. The alias IPs may belong to either primary or secondary ranges. of the subnetwork. The alias IPs may belong to either primary or secondary ranges.
returned: success returned: success
type: complex type: complex
contains: contains:
rangeName: rangeName:
description: description:
- The name associated with this subnetwork secondary range, used when adding an alias - The name associated with this subnetwork secondary range, used when adding
IP range to a VM instance. The name must be 1-63 characters long, and comply with an alias IP range to a VM instance. The name must be 1-63 characters long,
RFC1035. The name must be unique within the subnetwork. and comply with RFC1035. The name must be unique within the subnetwork.
returned: success returned: success
type: str type: str
ipCidrRange: ipCidrRange:
description: description:
- The range of IP addresses belonging to this subnetwork secondary range. Provide - The range of IP addresses belonging to this subnetwork secondary range. Provide
this property when you create the subnetwork. this property when you create the subnetwork.
- Ranges must be unique and non-overlapping with all primary and secondary IP ranges - Ranges must be unique and non-overlapping with all primary and secondary IP
within a network. Only IPv4 is supported. ranges within a network. Only IPv4 is supported.
returned: success returned: success
type: str type: str
privateIpGoogleAccess: privateIpGoogleAccess:
@ -361,7 +363,7 @@ def enable_flow_logs_update(module, request, response):
{ {
u'enableFlowLogs': module.params.get('enable_flow_logs'), u'enableFlowLogs': module.params.get('enable_flow_logs'),
u'fingerprint': response.get('fingerprint'), u'fingerprint': response.get('fingerprint'),
u'secondaryIpRanges': SubnetworkSecondaryIpRangesArray(module.params.get('secondary_ip_ranges', []), module).to_request() u'secondaryIpRanges': SubnetworkSecondaryiprangesArray(module.params.get('secondary_ip_ranges', []), module).to_request()
} }
) )
@ -392,7 +394,7 @@ def resource_to_request(module):
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'), u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'),
u'enableFlowLogs': module.params.get('enable_flow_logs'), u'enableFlowLogs': module.params.get('enable_flow_logs'),
u'secondaryIpRanges': SubnetworkSecondaryIpRangesArray(module.params.get('secondary_ip_ranges', []), module).to_request(), u'secondaryIpRanges': SubnetworkSecondaryiprangesArray(module.params.get('secondary_ip_ranges', []), module).to_request(),
u'privateIpGoogleAccess': module.params.get('private_ip_google_access'), u'privateIpGoogleAccess': module.params.get('private_ip_google_access'),
u'region': module.params.get('region') u'region': module.params.get('region')
} }
@ -469,7 +471,7 @@ def response_to_hash(module, response):
u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'), u'network': replace_resource_dict(module.params.get(u'network', {}), 'selfLink'),
u'enableFlowLogs': response.get(u'enableFlowLogs'), u'enableFlowLogs': response.get(u'enableFlowLogs'),
u'fingerprint': response.get(u'fingerprint'), u'fingerprint': response.get(u'fingerprint'),
u'secondaryIpRanges': SubnetworkSecondaryIpRangesArray(response.get(u'secondaryIpRanges', []), module).from_response(), u'secondaryIpRanges': SubnetworkSecondaryiprangesArray(response.get(u'secondaryIpRanges', []), module).from_response(),
u'privateIpGoogleAccess': response.get(u'privateIpGoogleAccess'), u'privateIpGoogleAccess': response.get(u'privateIpGoogleAccess'),
u'region': module.params.get('region') u'region': module.params.get('region')
} }
@ -499,8 +501,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -512,7 +512,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class SubnetworkSecondaryIpRangesArray(object): class SubnetworkSecondaryiprangesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

60
plugins/modules/gcp_compute_subnetwork_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- URL of the GCP region for this subnetwork. - URL of the GCP region for this subnetwork.
@ -84,8 +83,8 @@ items:
type: str type: str
gatewayAddress: gatewayAddress:
description: description:
- The gateway address for default routes to reach destination addresses outside this - The gateway address for default routes to reach destination addresses outside
subnetwork. this subnetwork.
returned: success returned: success
type: str type: str
id: id:
@ -96,19 +95,19 @@ items:
ipCidrRange: ipCidrRange:
description: description:
- The range of internal addresses that are owned by this subnetwork. - The range of internal addresses that are owned by this subnetwork.
- Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or - Provide this property when you create the subnetwork. For example, 10.0.0.0/8
192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network.
IPv4 is supported. Only IPv4 is supported.
returned: success returned: success
type: str type: str
name: name:
description: description:
- The name of the resource, provided by the client when initially creating the resource. - The name of the resource, provided by the client when initially creating the
The name must be 1-63 characters long, and comply with RFC1035. Specifically, the resource. The name must be 1-63 characters long, and comply with RFC1035.
name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` Specifically, the name must be 1-63 characters long and match the regular
which means the first character must be a lowercase letter, and all following characters expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must
must be a dash, lowercase letter, or digit, except the last character, which cannot be a lowercase letter, and all following characters must be a dash, lowercase
be a dash. letter, or digit, except the last character, which cannot be a dash.
returned: success returned: success
type: str type: str
network: network:
@ -124,37 +123,38 @@ items:
type: bool type: bool
fingerprint: fingerprint:
description: description:
- Fingerprint of this resource. This field is used internally during updates of this - Fingerprint of this resource. This field is used internally during updates
resource. of this resource.
returned: success returned: success
type: str type: str
secondaryIpRanges: secondaryIpRanges:
description: description:
- An array of configurations for secondary IP ranges for VM instances contained in - An array of configurations for secondary IP ranges for VM instances contained
this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange
of the subnetwork. The alias IPs may belong to either primary or secondary ranges. of the subnetwork. The alias IPs may belong to either primary or secondary
ranges.
returned: success returned: success
type: complex type: complex
contains: contains:
rangeName: rangeName:
description: description:
- The name associated with this subnetwork secondary range, used when adding an alias - The name associated with this subnetwork secondary range, used when adding
IP range to a VM instance. The name must be 1-63 characters long, and comply with an alias IP range to a VM instance. The name must be 1-63 characters long,
RFC1035. The name must be unique within the subnetwork. and comply with RFC1035. The name must be unique within the subnetwork.
returned: success returned: success
type: str type: str
ipCidrRange: ipCidrRange:
description: description:
- The range of IP addresses belonging to this subnetwork secondary range. Provide - The range of IP addresses belonging to this subnetwork secondary range.
this property when you create the subnetwork. Provide this property when you create the subnetwork.
- Ranges must be unique and non-overlapping with all primary and secondary IP ranges - Ranges must be unique and non-overlapping with all primary and secondary
within a network. Only IPv4 is supported. IP ranges within a network. Only IPv4 is supported.
returned: success returned: success
type: str type: str
privateIpGoogleAccess: privateIpGoogleAccess:
description: description:
- Whether the VMs in this subnet can access Google services without assigned external - Whether the VMs in this subnet can access Google services without assigned
IP addresses. external IP addresses.
returned: success returned: success
type: bool type: bool
region: region:
@ -183,7 +183,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

49
plugins/modules/gcp_compute_target_http_proxy.py
View file

@ -45,34 +45,37 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
url_map: url_map:
description: description:
- A reference to the UrlMap resource that defines the mapping from URL to the BackendService. - A reference to the UrlMap resource that defines the mapping from URL to the
- 'This field represents a link to a UrlMap resource in GCP. It can be specified in BackendService.
two ways. You can add `register: name-of-resource` to a gcp_compute_url_map task - 'This field represents a link to a UrlMap resource in GCP. It can be specified
and then set this url_map field to "{{ name-of-resource }}" Alternatively, you can in two ways. You can add `register: name-of-resource` to a gcp_compute_url_map
set this url_map to a dictionary with the selfLink key where the value is the selfLink task and then set this url_map field to "{{ name-of-resource }}" Alternatively,
of your UrlMap.' you can set this url_map to a dictionary with the selfLink key where the value
is the selfLink of your UrlMap'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetHttpProxies)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetHttpProxies)'
- "Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/http/target-proxies)" - 'Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/http/target-proxies)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -151,12 +154,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
urlMap: urlMap:
@ -359,8 +362,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

24
plugins/modules/gcp_compute_target_http_proxy_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -83,17 +82,18 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
urlMap: urlMap:
description: description:
- A reference to the UrlMap resource that defines the mapping from URL to the BackendService. - A reference to the UrlMap resource that defines the mapping from URL to the
BackendService.
returned: success returned: success
type: dict type: dict
''' '''
@ -116,7 +116,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

79
plugins/modules/gcp_compute_target_https_proxy.py
View file

@ -45,49 +45,56 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
quic_override: quic_override:
description: description:
- Specifies the QUIC override policy for this resource. This determines whether the - Specifies the QUIC override policy for this resource. This determines whether
load balancer will attempt to negotiate QUIC with clients or not. Can specify one the load balancer will attempt to negotiate QUIC with clients or not. Can specify
of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy
user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent with no user overrides, which is equivalent to DISABLE. Not specifying this
to specifying NONE. field is equivalent to specifying NONE.
required: false required: false
version_added: 2.7 version_added: 2.7
choices: ['NONE', 'ENABLE', 'DISABLE'] choices:
- NONE
- ENABLE
- DISABLE
ssl_certificates: ssl_certificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections
users and the load balancer. Currently, exactly one SSL certificate must be specified. between users and the load balancer. Currently, exactly one SSL certificate
must be specified.
required: true required: true
url_map: url_map:
description: description:
- A reference to the UrlMap resource that defines the mapping from URL to the BackendService. - A reference to the UrlMap resource that defines the mapping from URL to the
- 'This field represents a link to a UrlMap resource in GCP. It can be specified in BackendService.
two ways. You can add `register: name-of-resource` to a gcp_compute_url_map task - 'This field represents a link to a UrlMap resource in GCP. It can be specified
and then set this url_map field to "{{ name-of-resource }}" Alternatively, you can in two ways. You can add `register: name-of-resource` to a gcp_compute_url_map
set this url_map to a dictionary with the selfLink key where the value is the selfLink task and then set this url_map field to "{{ name-of-resource }}" Alternatively,
of your UrlMap.' you can set this url_map to a dictionary with the selfLink key where the value
is the selfLink of your UrlMap'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetHttpsProxies)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetHttpsProxies)'
- "Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/http/target-proxies)" - 'Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/http/target-proxies)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -202,21 +209,21 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
quicOverride: quicOverride:
description: description:
- Specifies the QUIC override policy for this resource. This determines whether the - Specifies the QUIC override policy for this resource. This determines whether
load balancer will attempt to negotiate QUIC with clients or not. Can specify one the load balancer will attempt to negotiate QUIC with clients or not. Can specify
of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with
user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent no user overrides, which is equivalent to DISABLE. Not specifying this field is
to specifying NONE. equivalent to specifying NONE.
returned: success returned: success
type: str type: str
sslCertificates: sslCertificates:
@ -461,8 +468,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

39
plugins/modules/gcp_compute_target_https_proxy_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -83,32 +82,34 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
quicOverride: quicOverride:
description: description:
- Specifies the QUIC override policy for this resource. This determines whether the - Specifies the QUIC override policy for this resource. This determines whether
load balancer will attempt to negotiate QUIC with clients or not. Can specify one the load balancer will attempt to negotiate QUIC with clients or not. Can
of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC
user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent policy with no user overrides, which is equivalent to DISABLE. Not specifying
to specifying NONE. this field is equivalent to specifying NONE.
returned: success returned: success
type: str type: str
sslCertificates: sslCertificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections
users and the load balancer. Currently, exactly one SSL certificate must be specified. between users and the load balancer. Currently, exactly one SSL certificate
must be specified.
returned: success returned: success
type: list type: list
urlMap: urlMap:
description: description:
- A reference to the UrlMap resource that defines the mapping from URL to the BackendService. - A reference to the UrlMap resource that defines the mapping from URL to the
BackendService.
returned: success returned: success
type: dict type: dict
''' '''
@ -131,7 +132,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

99
plugins/modules/gcp_compute_target_pool.py
View file

@ -44,26 +44,28 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
backup_pool: backup_pool:
description: description:
- This field is applicable only when the containing target pool is serving a forwarding - This field is applicable only when the containing target pool is serving a forwarding
rule as the primary pool, and its failoverRatio field is properly set to a value rule as the primary pool, and its failoverRatio field is properly set to a value
between [0, 1]. between [0, 1].
- 'backupPool and failoverRatio together define the fallback behavior of the primary - 'backupPool and failoverRatio together define the fallback behavior of the primary
target pool: if the ratio of the healthy instances in the primary pool is at or target pool: if the ratio of the healthy instances in the primary pool is at
below failoverRatio, traffic arriving at the load-balanced IP will be directed to or below failoverRatio, traffic arriving at the load-balanced IP will be directed
the backup pool.' to the backup pool.'
- In case where failoverRatio and backupPool are not set, or all the instances in - In case where failoverRatio and backupPool are not set, or all the instances
the backup pool are unhealthy, the traffic will be directed back to the primary in the backup pool are unhealthy, the traffic will be directed back to the primary
pool in the "force" mode, where traffic will be spread to the healthy instances pool in the "force" mode, where traffic will be spread to the healthy instances
with the best effort, or to all instances when no instance is healthy. with the best effort, or to all instances when no instance is healthy.
- 'This field represents a link to a TargetPool resource in GCP. It can be specified - 'This field represents a link to a TargetPool resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_target_pool in two ways. You can add `register: name-of-resource` to a gcp_compute_target_pool
task and then set this backup_pool field to "{{ name-of-resource }}" Alternatively, task and then set this backup_pool field to "{{ name-of-resource }}" Alternatively,
you can set this backup_pool to a dictionary with the selfLink key where the value you can set this backup_pool to a dictionary with the selfLink key where the
is the selfLink of your TargetPool.' value is the selfLink of your TargetPool'
required: false required: false
description: description:
description: description:
@ -76,24 +78,24 @@ options:
The value of the field must be in [0, 1]. The value of the field must be in [0, 1].
- 'If set, backupPool must also be set. They together define the fallback behavior - 'If set, backupPool must also be set. They together define the fallback behavior
of the primary target pool: if the ratio of the healthy instances in the primary of the primary target pool: if the ratio of the healthy instances in the primary
pool is at or below this number, traffic arriving at the load-balanced IP will be pool is at or below this number, traffic arriving at the load-balanced IP will
directed to the backup pool.' be directed to the backup pool.'
- In case where failoverRatio is not set or all the instances in the backup pool are - In case where failoverRatio is not set or all the instances in the backup pool
unhealthy, the traffic will be directed back to the primary pool in the "force" are unhealthy, the traffic will be directed back to the primary pool in the
mode, where traffic will be spread to the healthy instances with the best effort, "force" mode, where traffic will be spread to the healthy instances with the
or to all instances when no instance is healthy. best effort, or to all instances when no instance is healthy.
required: false required: false
health_check: health_check:
description: description:
- A reference to a HttpHealthCheck resource. - A reference to a HttpHealthCheck resource.
- A member instance in this pool is considered healthy if and only if the health checks - A member instance in this pool is considered healthy if and only if the health
pass. If not specified it means all member instances will be considered healthy checks pass. If not specified it means all member instances will be considered
at all times. healthy at all times.
- 'This field represents a link to a HttpHealthCheck resource in GCP. It can be specified - 'This field represents a link to a HttpHealthCheck resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_http_health_check specified in two ways. You can add `register: name-of-resource` to a gcp_compute_http_health_check
task and then set this health_check field to "{{ name-of-resource }}" Alternatively, task and then set this health_check field to "{{ name-of-resource }}" Alternatively,
you can set this health_check to a dictionary with the selfLink key where the value you can set this health_check to a dictionary with the selfLink key where the
is the selfLink of your HttpHealthCheck.' value is the selfLink of your HttpHealthCheck'
required: false required: false
instances: instances:
description: description:
@ -102,12 +104,12 @@ options:
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
session_affinity: session_affinity:
description: description:
@ -118,15 +120,18 @@ options:
- "- CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol - "- CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol
will go to the same instance in the pool while that instance remains healthy." will go to the same instance in the pool while that instance remains healthy."
required: false required: false
choices: ['NONE', 'CLIENT_IP', 'CLIENT_IP_PROTO'] choices:
- NONE
- CLIENT_IP
- CLIENT_IP_PROTO
region: region:
description: description:
- The region where the target pool resides. - The region where the target pool resides.
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/targetPools)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/targetPools)'
- "Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/network/target-pools)" - 'Official Documentation: U(https://cloud.google.com/compute/docs/load-balancing/network/target-pools)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -148,8 +153,8 @@ RETURN = '''
between [0, 1]. between [0, 1].
- 'backupPool and failoverRatio together define the fallback behavior of the primary - 'backupPool and failoverRatio together define the fallback behavior of the primary
target pool: if the ratio of the healthy instances in the primary pool is at or target pool: if the ratio of the healthy instances in the primary pool is at or
below failoverRatio, traffic arriving at the load-balanced IP will be directed to below failoverRatio, traffic arriving at the load-balanced IP will be directed
the backup pool.' to the backup pool.'
- In case where failoverRatio and backupPool are not set, or all the instances in - In case where failoverRatio and backupPool are not set, or all the instances in
the backup pool are unhealthy, the traffic will be directed back to the primary the backup pool are unhealthy, the traffic will be directed back to the primary
pool in the "force" mode, where traffic will be spread to the healthy instances pool in the "force" mode, where traffic will be spread to the healthy instances
@ -173,10 +178,10 @@ RETURN = '''
The value of the field must be in [0, 1]. The value of the field must be in [0, 1].
- 'If set, backupPool must also be set. They together define the fallback behavior - 'If set, backupPool must also be set. They together define the fallback behavior
of the primary target pool: if the ratio of the healthy instances in the primary of the primary target pool: if the ratio of the healthy instances in the primary
pool is at or below this number, traffic arriving at the load-balanced IP will be pool is at or below this number, traffic arriving at the load-balanced IP will
directed to the backup pool.' be directed to the backup pool.'
- In case where failoverRatio is not set or all the instances in the backup pool are - In case where failoverRatio is not set or all the instances in the backup pool
unhealthy, the traffic will be directed back to the primary pool in the "force" are unhealthy, the traffic will be directed back to the primary pool in the "force"
mode, where traffic will be spread to the healthy instances with the best effort, mode, where traffic will be spread to the healthy instances with the best effort,
or to all instances when no instance is healthy. or to all instances when no instance is healthy.
returned: success returned: success
@ -184,9 +189,9 @@ RETURN = '''
healthCheck: healthCheck:
description: description:
- A reference to a HttpHealthCheck resource. - A reference to a HttpHealthCheck resource.
- A member instance in this pool is considered healthy if and only if the health checks - A member instance in this pool is considered healthy if and only if the health
pass. If not specified it means all member instances will be considered healthy checks pass. If not specified it means all member instances will be considered
at all times. healthy at all times.
returned: success returned: success
type: dict type: dict
id: id:
@ -202,12 +207,12 @@ RETURN = '''
type: list type: list
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
sessionAffinity: sessionAffinity:
@ -418,8 +423,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

71
plugins/modules/gcp_compute_target_pool_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- The region where the target pool resides. - The region where the target pool resides.
@ -73,17 +72,17 @@ items:
contains: contains:
backupPool: backupPool:
description: description:
- This field is applicable only when the containing target pool is serving a forwarding - This field is applicable only when the containing target pool is serving a
rule as the primary pool, and its failoverRatio field is properly set to a value forwarding rule as the primary pool, and its failoverRatio field is properly
between [0, 1]. set to a value between [0, 1].
- 'backupPool and failoverRatio together define the fallback behavior of the primary - 'backupPool and failoverRatio together define the fallback behavior of the
target pool: if the ratio of the healthy instances in the primary pool is at or primary target pool: if the ratio of the healthy instances in the primary
below failoverRatio, traffic arriving at the load-balanced IP will be directed to pool is at or below failoverRatio, traffic arriving at the load-balanced IP
the backup pool.' will be directed to the backup pool.'
- In case where failoverRatio and backupPool are not set, or all the instances in - In case where failoverRatio and backupPool are not set, or all the instances
the backup pool are unhealthy, the traffic will be directed back to the primary in the backup pool are unhealthy, the traffic will be directed back to the
pool in the "force" mode, where traffic will be spread to the healthy instances primary pool in the "force" mode, where traffic will be spread to the healthy
with the best effort, or to all instances when no instance is healthy. instances with the best effort, or to all instances when no instance is healthy.
returned: success returned: success
type: dict type: dict
creationTimestamp: creationTimestamp:
@ -98,25 +97,25 @@ items:
type: str type: str
failoverRatio: failoverRatio:
description: description:
- This field is applicable only when the containing target pool is serving a forwarding - This field is applicable only when the containing target pool is serving a
rule as the primary pool (i.e., not as a backup pool to some other target pool). forwarding rule as the primary pool (i.e., not as a backup pool to some other
The value of the field must be in [0, 1]. target pool). The value of the field must be in [0, 1].
- 'If set, backupPool must also be set. They together define the fallback behavior - 'If set, backupPool must also be set. They together define the fallback behavior
of the primary target pool: if the ratio of the healthy instances in the primary of the primary target pool: if the ratio of the healthy instances in the primary
pool is at or below this number, traffic arriving at the load-balanced IP will be pool is at or below this number, traffic arriving at the load-balanced IP
directed to the backup pool.' will be directed to the backup pool.'
- In case where failoverRatio is not set or all the instances in the backup pool are - In case where failoverRatio is not set or all the instances in the backup
unhealthy, the traffic will be directed back to the primary pool in the "force" pool are unhealthy, the traffic will be directed back to the primary pool
mode, where traffic will be spread to the healthy instances with the best effort, in the "force" mode, where traffic will be spread to the healthy instances
or to all instances when no instance is healthy. with the best effort, or to all instances when no instance is healthy.
returned: success returned: success
type: str type: str
healthCheck: healthCheck:
description: description:
- A reference to a HttpHealthCheck resource. - A reference to a HttpHealthCheck resource.
- A member instance in this pool is considered healthy if and only if the health checks - A member instance in this pool is considered healthy if and only if the health
pass. If not specified it means all member instances will be considered healthy checks pass. If not specified it means all member instances will be considered
at all times. healthy at all times.
returned: success returned: success
type: dict type: dict
id: id:
@ -132,18 +131,18 @@ items:
type: list type: list
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
sessionAffinity: sessionAffinity:
description: description:
- 'Session affinity option. Must be one of these values: - NONE: Connections from - 'Session affinity option. Must be one of these values: - NONE: Connections
the same client IP may go to any instance in the pool.' from the same client IP may go to any instance in the pool.'
- "- CLIENT_IP: Connections from the same client IP will go to the same instance - "- CLIENT_IP: Connections from the same client IP will go to the same instance
in the pool while that instance remains healthy." in the pool while that instance remains healthy."
- "- CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol - "- CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol
@ -176,7 +175,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

124
plugins/modules/gcp_compute_target_ssl_proxy.py
View file

@ -45,40 +45,50 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
proxy_header: proxy_header:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the backend,
either NONE or PROXY_V1. The default is NONE. either NONE or PROXY_V1. The default is NONE.
required: false required: false
choices: ['NONE', 'PROXY_V1'] choices:
- NONE
- PROXY_V1
service: service:
description: description:
- A reference to the BackendService resource. - A reference to the BackendService resource.
- 'This field represents a link to a BackendService resource in GCP. It can be
specified in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service
task and then set this service field to "{{ name-of-resource }}" Alternatively,
you can set this service to a dictionary with the selfLink key where the value
is the selfLink of your BackendService'
required: true required: true
ssl_certificates: ssl_certificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections
users and the load balancer. Currently, exactly one SSL certificate must be specified. between users and the load balancer. Currently, exactly one SSL certificate
must be specified.
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetSslProxies)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetSslProxies)'
- "Setting Up SSL proxy for Google Cloud Load Balancing: U(https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/)" - 'Setting Up SSL proxy for Google Cloud Load Balancing: U(https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -164,13 +174,13 @@ EXAMPLES = '''
- "{{ sslcert }}" - "{{ sslcert }}"
service: "{{ backendservice }}" service: "{{ backendservice }}"
project: "test_project" project: "test_project"
auth_kind: "service_account" auth_kind: "serviceaccount"
service_account_file: "/tmp/auth.pem" service_account_file: "/tmp/auth.pem"
state: present state: present
''' '''
RETURN = ''' RETURN = '''
creation_timestamp: creationTimestamp:
description: description:
- Creation timestamp in RFC3339 text format. - Creation timestamp in RFC3339 text format.
returned: success returned: success
@ -187,15 +197,15 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
proxy_header: proxyHeader:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the backend,
either NONE or PROXY_V1. The default is NONE. either NONE or PROXY_V1. The default is NONE.
@ -206,7 +216,7 @@ RETURN = '''
- A reference to the BackendService resource. - A reference to the BackendService resource.
returned: success returned: success
type: dict type: dict
ssl_certificates: sslCertificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections between
users and the load balancer. Currently, exactly one SSL certificate must be specified. users and the load balancer. Currently, exactly one SSL certificate must be specified.
@ -253,7 +263,8 @@ def main():
if fetch: if fetch:
if state == 'present': if state == 'present':
if is_different(module, fetch): if is_different(module, fetch):
fetch = update(module, self_link(module), kind) update(module, self_link(module), kind, fetch)
fetch = fetch_resource(module, self_link(module), kind)
changed = True changed = True
else: else:
delete(module, self_link(module), kind) delete(module, self_link(module), kind)
@ -276,9 +287,58 @@ def create(module, link, kind):
return wait_for_operation(module, auth.post(link, resource_to_request(module))) return wait_for_operation(module, auth.post(link, resource_to_request(module)))
def update(module, link, kind): def update(module, link, kind, fetch):
update_fields(module, resource_to_request(module),
response_to_hash(module, fetch))
return fetch_resource(module, self_link(module), kind)
def update_fields(module, request, response):
if response.get('proxyHeader') != request.get('proxyHeader'):
proxy_header_update(module, request, response)
if response.get('service') != request.get('service'):
service_update(module, request, response)
if response.get('sslCertificates') != request.get('sslCertificates'):
ssl_certificates_update(module, request, response)
def proxy_header_update(module, request, response):
auth = GcpSession(module, 'compute') auth = GcpSession(module, 'compute')
return wait_for_operation(module, auth.put(link, resource_to_request(module))) auth.post(
''.join([
"https://www.googleapis.com/compute/v1/",
"projects/{project}/global/targetSslProxies/{name}/setProxyHeader"
]).format(**module.params),
{
u'proxyHeader': module.params.get('proxy_header')
}
)
def service_update(module, request, response):
auth = GcpSession(module, 'compute')
auth.post(
''.join([
"https://www.googleapis.com/compute/v1/",
"projects/{project}/global/targetSslProxies/{name}/setBackendService"
]).format(**module.params),
{
u'service': replace_resource_dict(module.params.get(u'service', {}), 'selfLink')
}
)
def ssl_certificates_update(module, request, response):
auth = GcpSession(module, 'compute')
auth.post(
''.join([
"https://www.googleapis.com/compute/v1/",
"projects/{project}/global/targetSslProxies/{name}/setSslCertificates"
]).format(**module.params),
{
u'sslCertificates': replace_resource_dict(module.params.get('ssl_certificates', []), 'selfLink')
}
)
def delete(module, link, kind): def delete(module, link, kind):
@ -303,9 +363,9 @@ def resource_to_request(module):
return return_vals return return_vals
def fetch_resource(module, link, kind): def fetch_resource(module, link, kind, allow_not_found=True):
auth = GcpSession(module, 'compute') auth = GcpSession(module, 'compute')
return return_if_object(module, auth.get(link), kind) return return_if_object(module, auth.get(link), kind, allow_not_found)
def self_link(module): def self_link(module):
@ -316,9 +376,9 @@ def collection(module):
return "https://www.googleapis.com/compute/v1/projects/{project}/global/targetSslProxies".format(**module.params) return "https://www.googleapis.com/compute/v1/projects/{project}/global/targetSslProxies".format(**module.params)
def return_if_object(module, response, kind): def return_if_object(module, response, kind, allow_not_found=False):
# If not found, return nothing. # If not found, return nothing.
if response.status_code == 404: if allow_not_found and response.status_code == 404:
return None return None
# If no content, return nothing. # If no content, return nothing.
@ -333,8 +393,6 @@ def return_if_object(module, response, kind):
if navigate_hash(result, ['error', 'errors']): if navigate_hash(result, ['error', 'errors']):
module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) module.fail_json(msg=navigate_hash(result, ['error', 'errors']))
if result['kind'] != kind:
module.fail_json(msg="Incorrect result: {kind}".format(**result))
return result return result
@ -395,8 +453,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

26
plugins/modules/gcp_compute_target_ssl_proxy_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -83,12 +82,12 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
@ -104,8 +103,9 @@ items:
type: dict type: dict
sslCertificates: sslCertificates:
description: description:
- A list of SslCertificate resources that are used to authenticate connections between - A list of SslCertificate resources that are used to authenticate connections
users and the load balancer. Currently, exactly one SSL certificate must be specified. between users and the load balancer. Currently, exactly one SSL certificate
must be specified.
returned: success returned: success
type: list type: list
''' '''
@ -128,7 +128,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

48
plugins/modules/gcp_compute_target_tcp_proxy.py
View file

@ -45,40 +45,44 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
proxy_header: proxy_header:
description: description:
- Specifies the type of proxy header to append before sending data to the backend, - Specifies the type of proxy header to append before sending data to the backend,
either NONE or PROXY_V1. The default is NONE. either NONE or PROXY_V1. The default is NONE.
required: false required: false
choices: ['NONE', 'PROXY_V1'] choices:
- NONE
- PROXY_V1
service: service:
description: description:
- A reference to the BackendService resource. - A reference to the BackendService resource.
- 'This field represents a link to a BackendService resource in GCP. It can be specified - 'This field represents a link to a BackendService resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service specified in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service
task and then set this service field to "{{ name-of-resource }}" Alternatively, task and then set this service field to "{{ name-of-resource }}" Alternatively,
you can set this service to a dictionary with the selfLink key where the value is you can set this service to a dictionary with the selfLink key where the value
the selfLink of your BackendService.' is the selfLink of your BackendService'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetTcpProxies)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/latest/targetTcpProxies)'
- "Setting Up TCP proxy for Google Cloud Load Balancing: U(https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy)" - 'Setting Up TCP proxy for Google Cloud Load Balancing: U(https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -152,12 +156,12 @@ RETURN = '''
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
@ -384,8 +388,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

21
plugins/modules/gcp_compute_target_tcp_proxy_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -83,12 +82,12 @@ items:
type: int type: int
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
proxyHeader: proxyHeader:
@ -122,7 +121,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

42
plugins/modules/gcp_compute_target_vpn_gateway.py
View file

@ -45,29 +45,31 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- An optional description of this resource. - An optional description of this resource.
required: false required: false
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
network: network:
description: description:
- The network this VPN gateway is accepting traffic for. - The network this VPN gateway is accepting traffic for.
- 'This field represents a link to a Network resource in GCP. It can be specified - 'This field represents a link to a Network resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_compute_network task in two ways. You can add `register: name-of-resource` to a gcp_compute_network
and then set this network field to "{{ name-of-resource }}" Alternatively, you can task and then set this network field to "{{ name-of-resource }}" Alternatively,
set this network to a dictionary with the selfLink key where the value is the selfLink you can set this network to a dictionary with the selfLink key where the value
of your Network.' is the selfLink of your Network'
required: true required: true
region: region:
description: description:
@ -75,7 +77,7 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/targetVpnGateways)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -122,12 +124,12 @@ RETURN = '''
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
id: id:
@ -333,8 +335,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

24
plugins/modules/gcp_compute_target_vpn_gateway_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- The region this gateway should sit in. - The region this gateway should sit in.
@ -83,12 +82,12 @@ items:
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
id: id:
@ -108,7 +107,8 @@ items:
type: list type: list
forwardingRules: forwardingRules:
description: description:
- A list of references to the ForwardingRule resources associated to this VPN gateway. - A list of references to the ForwardingRule resources associated to this VPN
gateway.
returned: success returned: success
type: list type: list
region: region:
@ -137,7 +137,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

160
plugins/modules/gcp_compute_url_map.py
View file

@ -45,16 +45,18 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
default_service: default_service:
description: description:
- A reference to BackendService resource if none of the hostRules match. - A reference to BackendService resource if none of the hostRules match.
- 'This field represents a link to a BackendService resource in GCP. It can be specified - 'This field represents a link to a BackendService resource in GCP. It can be
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service specified in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service
task and then set this default_service field to "{{ name-of-resource }}" Alternatively, task and then set this default_service field to "{{ name-of-resource }}" Alternatively,
you can set this default_service to a dictionary with the selfLink key where the you can set this default_service to a dictionary with the selfLink key where
value is the selfLink of your BackendService.' the value is the selfLink of your BackendService'
required: true required: true
description: description:
description: description:
@ -68,28 +70,28 @@ options:
suboptions: suboptions:
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this HostRule. Provide this property when you
the resource. create the resource.
required: false required: false
hosts: hosts:
description: description:
- The list of host patterns to match. They must be valid hostnames, except * will - The list of host patterns to match. They must be valid hostnames, except
match any string of ([a-z0-9-.]*). In that case, * must be the first character and * will match any string of ([a-z0-9-.]*). In that case, * must be the first
must be followed in the pattern by either - or . character and must be followed in the pattern by either - or .
required: true required: true
path_matcher: path_matcher:
description: description:
- The name of the PathMatcher to use to match the path portion of the URL if the hostRule - The name of the PathMatcher to use to match the path portion of the URL
matches the URL's host portion. if the hostRule matches the URL's host portion.
required: true required: true
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
required: true required: true
path_matchers: path_matchers:
description: description:
@ -98,13 +100,14 @@ options:
suboptions: suboptions:
default_service: default_service:
description: description:
- A reference to a BackendService resource. This will be used if none of the pathRules - A reference to a BackendService resource. This will be used if none of the
defined by this PathMatcher is matched by the URL's path portion. pathRules defined by this PathMatcher is matched by the URL's path portion.
- 'This field represents a link to a BackendService resource in GCP. It can be specified - 'This field represents a link to a BackendService resource in GCP. It can
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service be specified in two ways. You can add `register: name-of-resource` to a
task and then set this default_service field to "{{ name-of-resource }}" Alternatively, gcp_compute_backend_service task and then set this default_service field
you can set this default_service to a dictionary with the selfLink key where the to "{{ name-of-resource }}" Alternatively, you can set this default_service
value is the selfLink of your BackendService.' to a dictionary with the selfLink key where the value is the selfLink of
your BackendService'
required: true required: true
description: description:
description: description:
@ -121,23 +124,25 @@ options:
suboptions: suboptions:
paths: paths:
description: description:
- 'The list of path patterns to match. Each must start with / and the only place a - 'The list of path patterns to match. Each must start with / and the
* is allowed is at the end following a /. The string fed to the path matcher does only place a * is allowed is at the end following a /. The string fed
not include any text after the first ? or #, and those chars are not allowed here.' to the path matcher does not include any text after the first ? or #,
required: false and those chars are not allowed here.'
required: true
service: service:
description: description:
- A reference to the BackendService resource if this rule is matched. - A reference to the BackendService resource if this rule is matched.
- 'This field represents a link to a BackendService resource in GCP. It can be specified - 'This field represents a link to a BackendService resource in GCP. It
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service can be specified in two ways. You can add `register: name-of-resource`
task and then set this service field to "{{ name-of-resource }}" Alternatively, to a gcp_compute_backend_service task and then set this service field
you can set this service to a dictionary with the selfLink key where the value is to "{{ name-of-resource }}" Alternatively, you can set this service
the selfLink of your BackendService.' to a dictionary with the selfLink key where the value is the selfLink
of your BackendService'
required: true required: true
tests: tests:
description: description:
- The list of expected URL mappings. Request to update this UrlMap will succeed only - The list of expected URL mappings. Requests to update this UrlMap will succeed
if all of the test cases pass. only if all of the test cases pass.
required: false required: false
suboptions: suboptions:
description: description:
@ -154,12 +159,13 @@ options:
required: true required: true
service: service:
description: description:
- A reference to expected BackendService resource the given URL should be mapped to. - A reference to expected BackendService resource the given URL should be
- 'This field represents a link to a BackendService resource in GCP. It can be specified mapped to.
in two ways. You can add `register: name-of-resource` to a gcp_compute_backend_service - 'This field represents a link to a BackendService resource in GCP. It can
task and then set this service field to "{{ name-of-resource }}" Alternatively, be specified in two ways. You can add `register: name-of-resource` to a
you can set this service to a dictionary with the selfLink key where the value is gcp_compute_backend_service task and then set this service field to "{{
the selfLink of your BackendService.' name-of-resource }}" Alternatively, you can set this service to a dictionary
with the selfLink key where the value is the selfLink of your BackendService'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -237,21 +243,21 @@ RETURN = '''
contains: contains:
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this HostRule. Provide this property when you create
the resource. the resource.
returned: success returned: success
type: str type: str
hosts: hosts:
description: description:
- The list of host patterns to match. They must be valid hostnames, except * will - The list of host patterns to match. They must be valid hostnames, except *
match any string of ([a-z0-9-.]*). In that case, * must be the first character and will match any string of ([a-z0-9-.]*). In that case, * must be the first
must be followed in the pattern by either - or . character and must be followed in the pattern by either - or .
returned: success returned: success
type: list type: list
pathMatcher: pathMatcher:
description: description:
- The name of the PathMatcher to use to match the path portion of the URL if the hostRule - The name of the PathMatcher to use to match the path portion of the URL if
matches the URL's host portion. the hostRule matches the URL's host portion.
returned: success returned: success
type: str type: str
id: id:
@ -261,18 +267,18 @@ RETURN = '''
type: int type: int
fingerprint: fingerprint:
description: description:
- Fingerprint of this resource. This field is used internally during updates of this - Fingerprint of this resource. This field is used internally during updates of
resource. this resource.
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created. The
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must name must be 1-63 characters long, and comply with RFC1035. Specifically, the
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
pathMatchers: pathMatchers:
@ -283,8 +289,8 @@ RETURN = '''
contains: contains:
defaultService: defaultService:
description: description:
- A reference to a BackendService resource. This will be used if none of the pathRules - A reference to a BackendService resource. This will be used if none of the
defined by this PathMatcher is matched by the URL's path portion. pathRules defined by this PathMatcher is matched by the URL's path portion.
returned: success returned: success
type: dict type: dict
description: description:
@ -305,9 +311,10 @@ RETURN = '''
contains: contains:
paths: paths:
description: description:
- 'The list of path patterns to match. Each must start with / and the only place a - 'The list of path patterns to match. Each must start with / and the only
* is allowed is at the end following a /. The string fed to the path matcher does place a * is allowed is at the end following a /. The string fed to the
not include any text after the first ? or #, and those chars are not allowed here.' path matcher does not include any text after the first ? or #, and those
chars are not allowed here.'
returned: success returned: success
type: list type: list
service: service:
@ -317,8 +324,8 @@ RETURN = '''
type: dict type: dict
tests: tests:
description: description:
- The list of expected URL mappings. Request to update this UrlMap will succeed only - The list of expected URL mappings. Requests to update this UrlMap will succeed
if all of the test cases pass. only if all of the test cases pass.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -339,7 +346,8 @@ RETURN = '''
type: str type: str
service: service:
description: description:
- A reference to expected BackendService resource the given URL should be mapped to. - A reference to expected BackendService resource the given URL should be mapped
to.
returned: success returned: success
type: dict type: dict
''' '''
@ -376,7 +384,7 @@ def main():
description=dict(type='str'), description=dict(type='str'),
name=dict(required=True, type='str'), name=dict(required=True, type='str'),
path_rules=dict(type='list', elements='dict', options=dict( path_rules=dict(type='list', elements='dict', options=dict(
paths=dict(type='list', elements='str'), paths=dict(required=True, type='list', elements='str'),
service=dict(required=True, type='dict') service=dict(required=True, type='dict')
)) ))
)), )),
@ -440,9 +448,9 @@ def resource_to_request(module):
u'kind': 'compute#urlMap', u'kind': 'compute#urlMap',
u'defaultService': replace_resource_dict(module.params.get(u'default_service', {}), 'selfLink'), u'defaultService': replace_resource_dict(module.params.get(u'default_service', {}), 'selfLink'),
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'hostRules': UrlMapHostRulesArray(module.params.get('host_rules', []), module).to_request(), u'hostRules': UrlMapHostrulesArray(module.params.get('host_rules', []), module).to_request(),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'pathMatchers': UrlMapPathMatchersArray(module.params.get('path_matchers', []), module).to_request(), u'pathMatchers': UrlMapPathmatchersArray(module.params.get('path_matchers', []), module).to_request(),
u'tests': UrlMapTestsArray(module.params.get('tests', []), module).to_request() u'tests': UrlMapTestsArray(module.params.get('tests', []), module).to_request()
} }
return_vals = {} return_vals = {}
@ -512,11 +520,11 @@ def response_to_hash(module, response):
u'creationTimestamp': response.get(u'creationTimestamp'), u'creationTimestamp': response.get(u'creationTimestamp'),
u'defaultService': response.get(u'defaultService'), u'defaultService': response.get(u'defaultService'),
u'description': response.get(u'description'), u'description': response.get(u'description'),
u'hostRules': UrlMapHostRulesArray(response.get(u'hostRules', []), module).from_response(), u'hostRules': UrlMapHostrulesArray(response.get(u'hostRules', []), module).from_response(),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'fingerprint': response.get(u'fingerprint'), u'fingerprint': response.get(u'fingerprint'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'pathMatchers': UrlMapPathMatchersArray(response.get(u'pathMatchers', []), module).from_response(), u'pathMatchers': UrlMapPathmatchersArray(response.get(u'pathMatchers', []), module).from_response(),
u'tests': UrlMapTestsArray(response.get(u'tests', []), module).from_response() u'tests': UrlMapTestsArray(response.get(u'tests', []), module).from_response()
} }
@ -545,8 +553,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -558,7 +564,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class UrlMapHostRulesArray(object): class UrlMapHostrulesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -593,7 +599,7 @@ class UrlMapHostRulesArray(object):
}) })
class UrlMapPathMatchersArray(object): class UrlMapPathmatchersArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -618,7 +624,7 @@ class UrlMapPathMatchersArray(object):
u'defaultService': replace_resource_dict(item.get(u'default_service', {}), 'selfLink'), u'defaultService': replace_resource_dict(item.get(u'default_service', {}), 'selfLink'),
u'description': item.get('description'), u'description': item.get('description'),
u'name': item.get('name'), u'name': item.get('name'),
u'pathRules': UrlMapPathRulesArray(item.get('path_rules', []), self.module).to_request() u'pathRules': UrlMapPathrulesArray(item.get('path_rules', []), self.module).to_request()
}) })
def _response_from_item(self, item): def _response_from_item(self, item):
@ -626,11 +632,11 @@ class UrlMapPathMatchersArray(object):
u'defaultService': item.get(u'defaultService'), u'defaultService': item.get(u'defaultService'),
u'description': item.get(u'description'), u'description': item.get(u'description'),
u'name': item.get(u'name'), u'name': item.get(u'name'),
u'pathRules': UrlMapPathRulesArray(item.get(u'pathRules', []), self.module).from_response() u'pathRules': UrlMapPathrulesArray(item.get(u'pathRules', []), self.module).from_response()
}) })
class UrlMapPathRulesArray(object): class UrlMapPathrulesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

58
plugins/modules/gcp_compute_url_map_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -90,21 +89,21 @@ items:
contains: contains:
description: description:
description: description:
- An optional description of this resource. Provide this property when you create - An optional description of this HostRule. Provide this property when you
the resource. create the resource.
returned: success returned: success
type: str type: str
hosts: hosts:
description: description:
- The list of host patterns to match. They must be valid hostnames, except * will - The list of host patterns to match. They must be valid hostnames, except
match any string of ([a-z0-9-.]*). In that case, * must be the first character and * will match any string of ([a-z0-9-.]*). In that case, * must be the
must be followed in the pattern by either - or . first character and must be followed in the pattern by either - or .
returned: success returned: success
type: list type: list
pathMatcher: pathMatcher:
description: description:
- The name of the PathMatcher to use to match the path portion of the URL if the hostRule - The name of the PathMatcher to use to match the path portion of the URL
matches the URL's host portion. if the hostRule matches the URL's host portion.
returned: success returned: success
type: str type: str
id: id:
@ -114,18 +113,18 @@ items:
type: int type: int
fingerprint: fingerprint:
description: description:
- Fingerprint of this resource. This field is used internally during updates of this - Fingerprint of this resource. This field is used internally during updates
resource. of this resource.
returned: success returned: success
type: str type: str
name: name:
description: description:
- Name of the resource. Provided by the client when the resource is created. The name - Name of the resource. Provided by the client when the resource is created.
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must The name must be 1-63 characters long, and comply with RFC1035. Specifically,
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters which means the first character must be a lowercase letter, and all following
must be a dash, lowercase letter, or digit, except the last character, which cannot characters must be a dash, lowercase letter, or digit, except the last character,
be a dash. which cannot be a dash.
returned: success returned: success
type: str type: str
pathMatchers: pathMatchers:
@ -136,8 +135,9 @@ items:
contains: contains:
defaultService: defaultService:
description: description:
- A reference to a BackendService resource. This will be used if none of the pathRules - A reference to a BackendService resource. This will be used if none of
defined by this PathMatcher is matched by the URL's path portion. the pathRules defined by this PathMatcher is matched by the URL's path
portion.
returned: success returned: success
type: dict type: dict
description: description:
@ -158,9 +158,10 @@ items:
contains: contains:
paths: paths:
description: description:
- 'The list of path patterns to match. Each must start with / and the only place a - 'The list of path patterns to match. Each must start with / and the
* is allowed is at the end following a /. The string fed to the path matcher does only place a * is allowed is at the end following a /. The string
not include any text after the first ? or #, and those chars are not allowed here.' fed to the path matcher does not include any text after the first
? or #, and those chars are not allowed here.'
returned: success returned: success
type: list type: list
service: service:
@ -170,8 +171,8 @@ items:
type: dict type: dict
tests: tests:
description: description:
- The list of expected URL mappings. Request to update this UrlMap will succeed only - The list of expected URL mappings. Requests to update this UrlMap will succeed
if all of the test cases pass. only if all of the test cases pass.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -192,7 +193,8 @@ items:
type: str type: str
service: service:
description: description:
- A reference to expected BackendService resource the given URL should be mapped to. - A reference to expected BackendService resource the given URL should be
mapped to.
returned: success returned: success
type: dict type: dict
''' '''
@ -215,7 +217,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

80
plugins/modules/gcp_compute_vpn_tunnel.py
View file

@ -44,15 +44,17 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. - Name of the resource. The name must be 1-63 characters long, and comply with
Specifically, the name must be 1-63 characters long and match the regular expression RFC1035. Specifically, the name must be 1-63 characters long and match the regular
`[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must
letter, and all following characters must be a dash, lowercase letter, or digit, be a lowercase letter, and all following characters must be a dash, lowercase
except the last character, which cannot be a dash. letter, or digit, except the last character, which cannot be a dash.
required: true required: true
description: description:
description: description:
@ -61,20 +63,20 @@ options:
target_vpn_gateway: target_vpn_gateway:
description: description:
- URL of the Target VPN gateway with which this VPN tunnel is associated. - URL of the Target VPN gateway with which this VPN tunnel is associated.
- 'This field represents a link to a TargetVpnGateway resource in GCP. It can be specified - 'This field represents a link to a TargetVpnGateway resource in GCP. It can
in two ways. You can add `register: name-of-resource` to a gcp_compute_target_vpn_gateway be specified in two ways. You can add `register: name-of-resource` to a gcp_compute_target_vpn_gateway
task and then set this target_vpn_gateway field to "{{ name-of-resource }}" Alternatively, task and then set this target_vpn_gateway field to "{{ name-of-resource }}"
you can set this target_vpn_gateway to a dictionary with the selfLink key where Alternatively, you can set this target_vpn_gateway to a dictionary with the
the value is the selfLink of your TargetVpnGateway.' selfLink key where the value is the selfLink of your TargetVpnGateway'
required: true required: true
router: router:
description: description:
- URL of router resource to be used for dynamic routing. - URL of router resource to be used for dynamic routing.
- 'This field represents a link to a Router resource in GCP. It can be specified in - 'This field represents a link to a Router resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_compute_router task in two ways. You can add `register: name-of-resource` to a gcp_compute_router
and then set this router field to "{{ name-of-resource }}" Alternatively, you can task and then set this router field to "{{ name-of-resource }}" Alternatively,
set this router to a dictionary with the selfLink key where the value is the selfLink you can set this router to a dictionary with the selfLink key where the value
of your Router.' is the selfLink of your Router'
required: false required: false
peer_ip: peer_ip:
description: description:
@ -82,27 +84,27 @@ options:
required: true required: true
shared_secret: shared_secret:
description: description:
- Shared secret used to set the secure session between the Cloud VPN gateway and the - Shared secret used to set the secure session between the Cloud VPN gateway and
peer VPN gateway. the peer VPN gateway.
required: true required: true
ike_version: ike_version:
description: description:
- IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. - IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway.
- Acceptable IKE versions are 1 or 2. Default version is 2. - Acceptable IKE versions are 1 or 2. Default version is 2.
required: false required: false
default: 2 default: '2'
local_traffic_selector: local_traffic_selector:
description: description:
- Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. - Local traffic selector to use when establishing the VPN tunnel with peer VPN
The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`.
should be disjoint. The ranges should be disjoint.
- Only IPv4 is supported. - Only IPv4 is supported.
required: false required: false
remote_traffic_selector: remote_traffic_selector:
description: description:
- Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. - Remote traffic selector to use when establishing the VPN tunnel with peer VPN
The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`.
should be disjoint. The ranges should be disjoint.
- Only IPv4 is supported. - Only IPv4 is supported.
required: false required: false
labels: labels:
@ -115,9 +117,9 @@ options:
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
notes: notes:
- "API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels)" - 'API Reference: U(https://cloud.google.com/compute/docs/reference/rest/v1/vpnTunnels)'
- "Cloud VPN Overview: U(https://cloud.google.com/vpn/docs/concepts/overview)" - 'Cloud VPN Overview: U(https://cloud.google.com/vpn/docs/concepts/overview)'
- "Networks and Tunnel Routing: U(https://cloud.google.com/vpn/docs/concepts/choosing-networks-routing)" - 'Networks and Tunnel Routing: U(https://cloud.google.com/vpn/docs/concepts/choosing-networks-routing)'
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -210,8 +212,8 @@ RETURN = '''
type: str type: str
sharedSecret: sharedSecret:
description: description:
- Shared secret used to set the secure session between the Cloud VPN gateway and the - Shared secret used to set the secure session between the Cloud VPN gateway and
peer VPN gateway. the peer VPN gateway.
returned: success returned: success
type: str type: str
sharedSecretHash: sharedSecretHash:
@ -228,16 +230,16 @@ RETURN = '''
localTrafficSelector: localTrafficSelector:
description: description:
- Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. - Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway.
The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges The value should be a CIDR formatted string, for example `192.168.0.0/16`. The
should be disjoint. ranges should be disjoint.
- Only IPv4 is supported. - Only IPv4 is supported.
returned: success returned: success
type: list type: list
remoteTrafficSelector: remoteTrafficSelector:
description: description:
- Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. - Remote traffic selector to use when establishing the VPN tunnel with peer VPN
The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`.
should be disjoint. The ranges should be disjoint.
- Only IPv4 is supported. - Only IPv4 is supported.
returned: success returned: success
type: list type: list
@ -248,8 +250,8 @@ RETURN = '''
type: dict type: dict
labelFingerprint: labelFingerprint:
description: description:
- The fingerprint used for optimistic locking of this resource. Used internally during - The fingerprint used for optimistic locking of this resource. Used internally
updates. during updates.
returned: success returned: success
type: str type: str
region: region:
@ -477,8 +479,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'compute#operation') op_result = fetch_resource(module, op_uri, 'compute#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

42
plugins/modules/gcp_compute_vpn_tunnel_facts.py
View file

@ -43,10 +43,9 @@ requirements:
options: options:
filters: filters:
description: description:
A list of filter value pairs. Available filters are listed here - A list of filter value pairs. Available filters are listed here U(U(https://cloud.google.com/sdk/gcloud/reference/topic/filters).)
U(https://cloud.google.com/sdk/gcloud/reference/topic/filters). - Each additional filter in the list will act be added as an AND condition (filter1
Each additional filter in the list will act be added as an AND condition and filter2) .
(filter1 and filter2)
region: region:
description: description:
- The region where the tunnel is located. - The region where the tunnel is located.
@ -78,11 +77,11 @@ items:
type: str type: str
name: name:
description: description:
- Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. - Name of the resource. The name must be 1-63 characters long, and comply with
Specifically, the name must be 1-63 characters long and match the regular expression RFC1035. Specifically, the name must be 1-63 characters long and match the
`[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character
letter, and all following characters must be a dash, lowercase letter, or digit, must be a lowercase letter, and all following characters must be a dash, lowercase
except the last character, which cannot be a dash. letter, or digit, except the last character, which cannot be a dash.
returned: success returned: success
type: str type: str
description: description:
@ -107,8 +106,8 @@ items:
type: str type: str
sharedSecret: sharedSecret:
description: description:
- Shared secret used to set the secure session between the Cloud VPN gateway and the - Shared secret used to set the secure session between the Cloud VPN gateway
peer VPN gateway. and the peer VPN gateway.
returned: success returned: success
type: str type: str
sharedSecretHash: sharedSecretHash:
@ -118,23 +117,24 @@ items:
type: str type: str
ikeVersion: ikeVersion:
description: description:
- IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. - IKE protocol version to use when establishing the VPN tunnel with peer VPN
gateway.
- Acceptable IKE versions are 1 or 2. Default version is 2. - Acceptable IKE versions are 1 or 2. Default version is 2.
returned: success returned: success
type: int type: int
localTrafficSelector: localTrafficSelector:
description: description:
- Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. - Local traffic selector to use when establishing the VPN tunnel with peer VPN
The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`.
should be disjoint. The ranges should be disjoint.
- Only IPv4 is supported. - Only IPv4 is supported.
returned: success returned: success
type: list type: list
remoteTrafficSelector: remoteTrafficSelector:
description: description:
- Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. - Remote traffic selector to use when establishing the VPN tunnel with peer
The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges VPN gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`.
should be disjoint. The ranges should be disjoint.
- Only IPv4 is supported. - Only IPv4 is supported.
returned: success returned: success
type: list type: list
@ -145,8 +145,8 @@ items:
type: dict type: dict
labelFingerprint: labelFingerprint:
description: description:
- The fingerprint used for optimistic locking of this resource. Used internally during - The fingerprint used for optimistic locking of this resource. Used internally
updates. during updates.
returned: success returned: success
type: str type: str
region: region:
@ -175,7 +175,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/compute'] module.params['scopes'] = ['https://www.googleapis.com/auth/compute']
items = fetch_list(module, collection(module), query_options(module.params['filters'])) items = fetch_list(module, collection(module), query_options(module.params['filters']))

301
plugins/modules/gcp_container_cluster.py
View file

@ -44,8 +44,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- The name of this cluster. The name must be unique within this project and zone, - The name of this cluster. The name must be unique within this project and zone,
@ -60,19 +62,20 @@ options:
description: description:
- The number of nodes to create in this cluster. You must ensure that your Compute - The number of nodes to create in this cluster. You must ensure that your Compute
Engine resource quota is sufficient for this number of instances. You must also Engine resource quota is sufficient for this number of instances. You must also
have available firewall and routes quota. For requests, this field should only be have available firewall and routes quota. For requests, this field should only
used in lieu of a "nodePool" object, since this configuration (along with the "nodeConfig") be used in lieu of a "nodePool" object, since this configuration (along with
will be used to create a "NodePool" object with an auto-generated name. Do not use the "nodeConfig") will be used to create a "NodePool" object with an auto-generated
this and a nodePool at the same time. name. Do not use this and a nodePool at the same time.
required: true required: true
node_config: node_config:
description: description:
- Parameters used in creating the cluster's nodes. - Parameters used in creating the cluster's nodes.
- For requests, this field should only be used in lieu of a "nodePool" object, since - For requests, this field should only be used in lieu of a "nodePool" object,
this configuration (along with the "initialNodeCount") will be used to create a since this configuration (along with the "initialNodeCount") will be used to
"NodePool" object with an auto-generated name. Do not use this and a nodePool at create a "NodePool" object with an auto-generated name. Do not use this and
the same time. For responses, this field will be populated with the node configuration a nodePool at the same time. For responses, this field will be populated with
of the first node pool. If unspecified, the defaults are used. the node configuration of the first node pool. If unspecified, the defaults
are used.
required: false required: false
suboptions: suboptions:
machine_type: machine_type:
@ -82,68 +85,70 @@ options:
required: false required: false
disk_size_gb: disk_size_gb:
description: description:
- Size of the disk attached to each node, specified in GB. The smallest allowed disk - Size of the disk attached to each node, specified in GB. The smallest allowed
size is 10GB. If unspecified, the default disk size is 100GB. disk size is 10GB. If unspecified, the default disk size is 100GB.
required: false required: false
oauth_scopes: oauth_scopes:
description: description:
- The set of Google API scopes to be made available on all of the node VMs under the - The set of Google API scopes to be made available on all of the node VMs
"default" service account. under the "default" service account.
- 'The following scopes are recommended, but not required, and by default are not - 'The following scopes are recommended, but not required, and by default
included: U(https://www.googleapis.com/auth/compute) is required for mounting persistent are not included: U(https://www.googleapis.com/auth/compute) is required
storage on your nodes.' for mounting persistent storage on your nodes.'
- U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating - U(https://www.googleapis.com/auth/devstorage.read_only) is required for
with gcr.io (the Google Container Registry). communicating with gcr.io (the Google Container Registry).
- If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are - If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring
enabled, in which case their required scopes will be added. are enabled, in which case their required scopes will be added.
required: false required: false
service_account: service_account:
description: description:
- The Google Cloud Platform Service Account to be used by the node VMs. If no Service - The Google Cloud Platform Service Account to be used by the node VMs. If
Account is specified, the "default" service account is used. no Service Account is specified, the "default" service account is used.
required: false required: false
metadata: metadata:
description: description:
- The metadata key/value pairs assigned to instances in the cluster. - The metadata key/value pairs assigned to instances in the cluster.
- 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. - 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes
These are reflected as part of a URL in the metadata server. Additionally, to avoid in length. These are reflected as part of a URL in the metadata server.
ambiguity, keys must not conflict with any other metadata keys for the project or Additionally, to avoid ambiguity, keys must not conflict with any other
be one of the four reserved keys: "instance-template", "kube-env", "startup-script", metadata keys for the project or be one of the four reserved keys: "instance-template",
and "user-data" Values are free-form strings, and only have meaning as interpreted "kube-env", "startup-script", and "user-data" Values are free-form strings,
by the image running in the instance. The only restriction placed on them is that and only have meaning as interpreted by the image running in the instance.
each value''s size must be less than or equal to 32 KB.' The only restriction placed on them is that each value''s size must be less
than or equal to 32 KB.'
- The total size of all keys and values must be less than 512 KB. - The total size of all keys and values must be less than 512 KB.
- 'An object containing a list of "key": value pairs.' - 'An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
required: false required: false
image_type: image_type:
description: description:
- The image type to use for this node. Note that for a given image type, the latest - The image type to use for this node. Note that for a given image type, the
version of it will be used. latest version of it will be used.
required: false required: false
labels: labels:
description: description:
- 'The map of Kubernetes labels (key/value pairs) to be applied to each node. - 'The map of Kubernetes labels (key/value pairs) to be applied to each node.
These will added in addition to any default label(s) that Kubernetes may apply to These will added in addition to any default label(s) that Kubernetes may
the node. In case of conflict in label keys, the applied set may differ depending apply to the node. In case of conflict in label keys, the applied set may
on the Kubernetes version -- it''s best to assume the behavior is undefined and differ depending on the Kubernetes version -- it''s best to assume the behavior
conflicts should be avoided. For more information, including usage and the valid is undefined and conflicts should be avoided. For more information, including
values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html) An object usage and the valid values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html)
containing a list of "key": value pairs.' An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
required: false required: false
local_ssd_count: local_ssd_count:
description: description:
- The number of local SSD disks to be attached to the node. - The number of local SSD disks to be attached to the node.
- 'The limit for this value is dependant upon the maximum number of disks available - 'The limit for this value is dependant upon the maximum number of disks
on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits) for available on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits)
more information.' for more information.'
required: false required: false
tags: tags:
description: description:
- The list of instance tags applied to all nodes. Tags are used to identify valid - The list of instance tags applied to all nodes. Tags are used to identify
sources or targets for network firewalls and are specified by the client during valid sources or targets for network firewalls and are specified by the
cluster or node pool creation. Each tag within the list must comply with RFC1035. client during cluster or node pool creation. Each tag within the list must
comply with RFC1035.
required: false required: false
preemptible: preemptible:
description: description:
@ -162,8 +167,9 @@ options:
required: false required: false
password: password:
description: description:
- The password to use for HTTP basic authentication to the master endpoint. Because - The password to use for HTTP basic authentication to the master endpoint.
the master endpoint is open to the Internet, you should create a strong password. Because the master endpoint is open to the Internet, you should create a
strong password.
required: false required: false
cluster_ca_certificate: cluster_ca_certificate:
description: description:
@ -171,21 +177,24 @@ options:
required: false required: false
client_certificate: client_certificate:
description: description:
- Base64-encoded public certificate used by clients to authenticate to the cluster - Base64-encoded public certificate used by clients to authenticate to the
endpoint. cluster endpoint.
required: false required: false
client_key: client_key:
description: description:
- Base64-encoded private key used by clients to authenticate to the cluster endpoint. - Base64-encoded private key used by clients to authenticate to the cluster
endpoint.
required: false required: false
logging_service: logging_service:
description: description:
- 'The logging service the cluster should use to write logs. Currently available options: logging.googleapis.com - 'The logging service the cluster should use to write logs. Currently available
- the Google Cloud Logging service.' options: logging.googleapis.com - the Google Cloud Logging service.'
- none - no logs will be exported from the cluster. - none - no logs will be exported from the cluster.
- if left as an empty string,logging.googleapis.com will be used. - if left as an empty string,logging.googleapis.com will be used.
required: false required: false
choices: ['logging.googleapis.com', 'none'] choices:
- logging.googleapis.com
- none
monitoring_service: monitoring_service:
description: description:
- The monitoring service the cluster should use to write metrics. - The monitoring service the cluster should use to write metrics.
@ -194,7 +203,9 @@ options:
- none - no metrics will be exported from the cluster. - none - no metrics will be exported from the cluster.
- if left as an empty string, monitoring.googleapis.com will be used. - if left as an empty string, monitoring.googleapis.com will be used.
required: false required: false
choices: ['monitoring.googleapis.com', 'none'] choices:
- monitoring.googleapis.com
- none
network: network:
description: description:
- The name of the Google Compute Engine network to which the cluster is connected. - The name of the Google Compute Engine network to which the cluster is connected.
@ -204,9 +215,9 @@ options:
required: false required: false
cluster_ipv4_cidr: cluster_ipv4_cidr:
description: description:
- The IP address range of the container pods in this cluster, in CIDR notation (e.g. - The IP address range of the container pods in this cluster, in CIDR notation
10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify
in 10.0.0.0/8. a /14 block in 10.0.0.0/8.
required: false required: false
addons_config: addons_config:
description: description:
@ -215,28 +226,29 @@ options:
suboptions: suboptions:
http_load_balancing: http_load_balancing:
description: description:
- Configuration for the HTTP (L7) load balancing controller addon, which makes it - Configuration for the HTTP (L7) load balancing controller addon, which makes
easy to set up HTTP load balancers for services in a cluster. it easy to set up HTTP load balancers for services in a cluster.
required: false required: false
suboptions: suboptions:
disabled: disabled:
description: description:
- Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, - Whether the HTTP Load Balancing controller is enabled in the cluster.
it runs a small pod in the cluster that manages the load balancers. When enabled, it runs a small pod in the cluster that manages the load
balancers.
required: false required: false
type: bool type: bool
horizontal_pod_autoscaling: horizontal_pod_autoscaling:
description: description:
- Configuration for the horizontal pod autoscaling feature, which increases or decreases - Configuration for the horizontal pod autoscaling feature, which increases
the number of replica pods a replication controller has based on the resource usage or decreases the number of replica pods a replication controller has based
of the existing pods. on the resource usage of the existing pods.
required: false required: false
suboptions: suboptions:
disabled: disabled:
description: description:
- Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, - Whether the Horizontal Pod Autoscaling feature is enabled in the cluster.
it ensures that a Heapster pod is running in the cluster, which is also used by When enabled, it ensures that a Heapster pod is running in the cluster,
the Cloud Monitoring service. which is also used by the Cloud Monitoring service.
required: false required: false
type: bool type: bool
subnetwork: subnetwork:
@ -258,7 +270,7 @@ extends_documentation_fragment: gcp
EXAMPLES = ''' EXAMPLES = '''
- name: create a cluster - name: create a cluster
gcp_container_cluster: gcp_container_cluster:
name: "test_object" name: my-cluster
initial_node_count: 2 initial_node_count: 2
master_auth: master_auth:
username: cluster_admin username: cluster_admin
@ -290,19 +302,19 @@ RETURN = '''
description: description:
- The number of nodes to create in this cluster. You must ensure that your Compute - The number of nodes to create in this cluster. You must ensure that your Compute
Engine resource quota is sufficient for this number of instances. You must also Engine resource quota is sufficient for this number of instances. You must also
have available firewall and routes quota. For requests, this field should only be have available firewall and routes quota. For requests, this field should only
used in lieu of a "nodePool" object, since this configuration (along with the "nodeConfig") be used in lieu of a "nodePool" object, since this configuration (along with the
will be used to create a "NodePool" object with an auto-generated name. Do not use "nodeConfig") will be used to create a "NodePool" object with an auto-generated
this and a nodePool at the same time. name. Do not use this and a nodePool at the same time.
returned: success returned: success
type: int type: int
nodeConfig: nodeConfig:
description: description:
- Parameters used in creating the cluster's nodes. - Parameters used in creating the cluster's nodes.
- For requests, this field should only be used in lieu of a "nodePool" object, since - For requests, this field should only be used in lieu of a "nodePool" object, since
this configuration (along with the "initialNodeCount") will be used to create a this configuration (along with the "initialNodeCount") will be used to create
"NodePool" object with an auto-generated name. Do not use this and a nodePool at a "NodePool" object with an auto-generated name. Do not use this and a nodePool
the same time. For responses, this field will be populated with the node configuration at the same time. For responses, this field will be populated with the node configuration
of the first node pool. If unspecified, the defaults are used. of the first node pool. If unspecified, the defaults are used.
returned: success returned: success
type: complex type: complex
@ -315,39 +327,40 @@ RETURN = '''
type: str type: str
diskSizeGb: diskSizeGb:
description: description:
- Size of the disk attached to each node, specified in GB. The smallest allowed disk - Size of the disk attached to each node, specified in GB. The smallest allowed
size is 10GB. If unspecified, the default disk size is 100GB. disk size is 10GB. If unspecified, the default disk size is 100GB.
returned: success returned: success
type: int type: int
oauthScopes: oauthScopes:
description: description:
- The set of Google API scopes to be made available on all of the node VMs under the - The set of Google API scopes to be made available on all of the node VMs under
"default" service account. the "default" service account.
- 'The following scopes are recommended, but not required, and by default are not - 'The following scopes are recommended, but not required, and by default are
included: U(https://www.googleapis.com/auth/compute) is required for mounting persistent not included: U(https://www.googleapis.com/auth/compute) is required for mounting
storage on your nodes.' persistent storage on your nodes.'
- U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating - U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating
with gcr.io (the Google Container Registry). with gcr.io (the Google Container Registry).
- If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are - If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring
enabled, in which case their required scopes will be added. are enabled, in which case their required scopes will be added.
returned: success returned: success
type: list type: list
serviceAccount: serviceAccount:
description: description:
- The Google Cloud Platform Service Account to be used by the node VMs. If no Service - The Google Cloud Platform Service Account to be used by the node VMs. If no
Account is specified, the "default" service account is used. Service Account is specified, the "default" service account is used.
returned: success returned: success
type: str type: str
metadata: metadata:
description: description:
- The metadata key/value pairs assigned to instances in the cluster. - The metadata key/value pairs assigned to instances in the cluster.
- 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. - 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes
These are reflected as part of a URL in the metadata server. Additionally, to avoid in length. These are reflected as part of a URL in the metadata server. Additionally,
ambiguity, keys must not conflict with any other metadata keys for the project or to avoid ambiguity, keys must not conflict with any other metadata keys for
be one of the four reserved keys: "instance-template", "kube-env", "startup-script", the project or be one of the four reserved keys: "instance-template", "kube-env",
and "user-data" Values are free-form strings, and only have meaning as interpreted "startup-script", and "user-data" Values are free-form strings, and only have
by the image running in the instance. The only restriction placed on them is that meaning as interpreted by the image running in the instance. The only restriction
each value''s size must be less than or equal to 32 KB.' placed on them is that each value''s size must be less than or equal to 32
KB.'
- The total size of all keys and values must be less than 512 KB. - The total size of all keys and values must be less than 512 KB.
- 'An object containing a list of "key": value pairs.' - 'An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
@ -355,19 +368,19 @@ RETURN = '''
type: dict type: dict
imageType: imageType:
description: description:
- The image type to use for this node. Note that for a given image type, the latest - The image type to use for this node. Note that for a given image type, the
version of it will be used. latest version of it will be used.
returned: success returned: success
type: str type: str
labels: labels:
description: description:
- 'The map of Kubernetes labels (key/value pairs) to be applied to each node. - 'The map of Kubernetes labels (key/value pairs) to be applied to each node.
These will added in addition to any default label(s) that Kubernetes may apply to These will added in addition to any default label(s) that Kubernetes may apply
the node. In case of conflict in label keys, the applied set may differ depending to the node. In case of conflict in label keys, the applied set may differ
on the Kubernetes version -- it''s best to assume the behavior is undefined and depending on the Kubernetes version -- it''s best to assume the behavior is
conflicts should be avoided. For more information, including usage and the valid undefined and conflicts should be avoided. For more information, including
values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html) An object usage and the valid values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html)
containing a list of "key": value pairs.' An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
returned: success returned: success
type: dict type: dict
@ -375,15 +388,16 @@ RETURN = '''
description: description:
- The number of local SSD disks to be attached to the node. - The number of local SSD disks to be attached to the node.
- 'The limit for this value is dependant upon the maximum number of disks available - 'The limit for this value is dependant upon the maximum number of disks available
on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits) for on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits)
more information.' for more information.'
returned: success returned: success
type: int type: int
tags: tags:
description: description:
- The list of instance tags applied to all nodes. Tags are used to identify valid - The list of instance tags applied to all nodes. Tags are used to identify
sources or targets for network firewalls and are specified by the client during valid sources or targets for network firewalls and are specified by the client
cluster or node pool creation. Each tag within the list must comply with RFC1035. during cluster or node pool creation. Each tag within the list must comply
with RFC1035.
returned: success returned: success
type: list type: list
preemptible: preemptible:
@ -405,8 +419,9 @@ RETURN = '''
type: str type: str
password: password:
description: description:
- The password to use for HTTP basic authentication to the master endpoint. Because - The password to use for HTTP basic authentication to the master endpoint.
the master endpoint is open to the Internet, you should create a strong password. Because the master endpoint is open to the Internet, you should create a strong
password.
returned: success returned: success
type: str type: str
clusterCaCertificate: clusterCaCertificate:
@ -422,13 +437,14 @@ RETURN = '''
type: str type: str
clientKey: clientKey:
description: description:
- Base64-encoded private key used by clients to authenticate to the cluster endpoint. - Base64-encoded private key used by clients to authenticate to the cluster
endpoint.
returned: success returned: success
type: str type: str
loggingService: loggingService:
description: description:
- 'The logging service the cluster should use to write logs. Currently available options: logging.googleapis.com - 'The logging service the cluster should use to write logs. Currently available
- the Google Cloud Logging service.' options: logging.googleapis.com - the Google Cloud Logging service.'
- none - no logs will be exported from the cluster. - none - no logs will be exported from the cluster.
- if left as an empty string,logging.googleapis.com will be used. - if left as an empty string,logging.googleapis.com will be used.
returned: success returned: success
@ -465,30 +481,31 @@ RETURN = '''
contains: contains:
httpLoadBalancing: httpLoadBalancing:
description: description:
- Configuration for the HTTP (L7) load balancing controller addon, which makes it - Configuration for the HTTP (L7) load balancing controller addon, which makes
easy to set up HTTP load balancers for services in a cluster. it easy to set up HTTP load balancers for services in a cluster.
returned: success returned: success
type: complex type: complex
contains: contains:
disabled: disabled:
description: description:
- Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, - Whether the HTTP Load Balancing controller is enabled in the cluster.
it runs a small pod in the cluster that manages the load balancers. When enabled, it runs a small pod in the cluster that manages the load
balancers.
returned: success returned: success
type: bool type: bool
horizontalPodAutoscaling: horizontalPodAutoscaling:
description: description:
- Configuration for the horizontal pod autoscaling feature, which increases or decreases - Configuration for the horizontal pod autoscaling feature, which increases
the number of replica pods a replication controller has based on the resource usage or decreases the number of replica pods a replication controller has based
of the existing pods. on the resource usage of the existing pods.
returned: success returned: success
type: complex type: complex
contains: contains:
disabled: disabled:
description: description:
- Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, - Whether the Horizontal Pod Autoscaling feature is enabled in the cluster.
it ensures that a Heapster pod is running in the cluster, which is also used by When enabled, it ensures that a Heapster pod is running in the cluster,
the Cloud Monitoring service. which is also used by the Cloud Monitoring service.
returned: success returned: success
type: bool type: bool
subnetwork: subnetwork:
@ -505,8 +522,8 @@ RETURN = '''
endpoint: endpoint:
description: description:
- The IP address of this cluster's master endpoint. - The IP address of this cluster's master endpoint.
- The endpoint can be accessed from the internet at https://username:password@endpoint/ See - The endpoint can be accessed from the internet at https://username:password@endpoint/
the masterAuth property of this resource for username and password information. See the masterAuth property of this resource for username and password information.
returned: success returned: success
type: str type: str
initialClusterVersion: initialClusterVersion:
@ -522,9 +539,9 @@ RETURN = '''
type: str type: str
currentNodeVersion: currentNodeVersion:
description: description:
- The current version of the node software components. If they are currently at multiple - The current version of the node software components. If they are currently at
versions because they're in the process of being upgraded, this reflects the minimum multiple versions because they're in the process of being upgraded, this reflects
version of all nodes. the minimum version of all nodes.
returned: success returned: success
type: str type: str
createTime: createTime:
@ -671,13 +688,13 @@ def resource_to_request(module):
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'description': module.params.get('description'), u'description': module.params.get('description'),
u'initialNodeCount': module.params.get('initial_node_count'), u'initialNodeCount': module.params.get('initial_node_count'),
u'nodeConfig': ClusterNodeConfig(module.params.get('node_config', {}), module).to_request(), u'nodeConfig': ClusterNodeconfig(module.params.get('node_config', {}), module).to_request(),
u'masterAuth': ClusterMasterAuth(module.params.get('master_auth', {}), module).to_request(), u'masterAuth': ClusterMasterauth(module.params.get('master_auth', {}), module).to_request(),
u'loggingService': module.params.get('logging_service'), u'loggingService': module.params.get('logging_service'),
u'monitoringService': module.params.get('monitoring_service'), u'monitoringService': module.params.get('monitoring_service'),
u'network': module.params.get('network'), u'network': module.params.get('network'),
u'clusterIpv4Cidr': module.params.get('cluster_ipv4_cidr'), u'clusterIpv4Cidr': module.params.get('cluster_ipv4_cidr'),
u'addonsConfig': ClusterAddonsConfig(module.params.get('addons_config', {}), module).to_request(), u'addonsConfig': ClusterAddonsconfig(module.params.get('addons_config', {}), module).to_request(),
u'subnetwork': module.params.get('subnetwork'), u'subnetwork': module.params.get('subnetwork'),
u'location': module.params.get('location') u'location': module.params.get('location')
} }
@ -749,13 +766,13 @@ def response_to_hash(module, response):
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'description': response.get(u'description'), u'description': response.get(u'description'),
u'initialNodeCount': module.params.get('initial_node_count'), u'initialNodeCount': module.params.get('initial_node_count'),
u'nodeConfig': ClusterNodeConfig(module.params.get('node_config', {}), module).to_request(), u'nodeConfig': ClusterNodeconfig(module.params.get('node_config', {}), module).to_request(),
u'masterAuth': ClusterMasterAuth(response.get(u'masterAuth', {}), module).from_response(), u'masterAuth': ClusterMasterauth(response.get(u'masterAuth', {}), module).from_response(),
u'loggingService': response.get(u'loggingService'), u'loggingService': response.get(u'loggingService'),
u'monitoringService': response.get(u'monitoringService'), u'monitoringService': response.get(u'monitoringService'),
u'network': response.get(u'network'), u'network': response.get(u'network'),
u'clusterIpv4Cidr': response.get(u'clusterIpv4Cidr'), u'clusterIpv4Cidr': response.get(u'clusterIpv4Cidr'),
u'addonsConfig': ClusterAddonsConfig(response.get(u'addonsConfig', {}), module).from_response(), u'addonsConfig': ClusterAddonsconfig(response.get(u'addonsConfig', {}), module).from_response(),
u'subnetwork': response.get(u'subnetwork'), u'subnetwork': response.get(u'subnetwork'),
u'location': response.get(u'location'), u'location': response.get(u'location'),
u'endpoint': response.get(u'endpoint'), u'endpoint': response.get(u'endpoint'),
@ -794,8 +811,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE', 'ABORTING']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri) op_result = fetch_resource(module, op_uri)
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -823,7 +838,7 @@ def encode_request(resource_request, module):
} }
class ClusterNodeConfig(object): class ClusterNodeconfig(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -860,7 +875,7 @@ class ClusterNodeConfig(object):
}) })
class ClusterMasterAuth(object): class ClusterMasterauth(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -887,7 +902,7 @@ class ClusterMasterAuth(object):
}) })
class ClusterAddonsConfig(object): class ClusterAddonsconfig(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -897,18 +912,18 @@ class ClusterAddonsConfig(object):
def to_request(self): def to_request(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'httpLoadBalancing': ClusterHttpLoadBalancing(self.request.get('http_load_balancing', {}), self.module).to_request(), u'httpLoadBalancing': ClusterHttploadbalancing(self.request.get('http_load_balancing', {}), self.module).to_request(),
u'horizontalPodAutoscaling': ClusterHorizontalPodAutoscaling(self.request.get('horizontal_pod_autoscaling', {}), self.module).to_request() u'horizontalPodAutoscaling': ClusterHorizontalpodautoscaling(self.request.get('horizontal_pod_autoscaling', {}), self.module).to_request()
}) })
def from_response(self): def from_response(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'httpLoadBalancing': ClusterHttpLoadBalancing(self.request.get(u'httpLoadBalancing', {}), self.module).from_response(), u'httpLoadBalancing': ClusterHttploadbalancing(self.request.get(u'httpLoadBalancing', {}), self.module).from_response(),
u'horizontalPodAutoscaling': ClusterHorizontalPodAutoscaling(self.request.get(u'horizontalPodAutoscaling', {}), self.module).from_response() u'horizontalPodAutoscaling': ClusterHorizontalpodautoscaling(self.request.get(u'horizontalPodAutoscaling', {}), self.module).from_response()
}) })
class ClusterHttpLoadBalancing(object): class ClusterHttploadbalancing(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -927,7 +942,7 @@ class ClusterHttpLoadBalancing(object):
}) })
class ClusterHorizontalPodAutoscaling(object): class ClusterHorizontalpodautoscaling(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

211
plugins/modules/gcp_container_node_pool.py
View file

@ -48,8 +48,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- The name of the node pool. - The name of the node pool.
@ -66,68 +68,70 @@ options:
required: false required: false
disk_size_gb: disk_size_gb:
description: description:
- Size of the disk attached to each node, specified in GB. The smallest allowed disk - Size of the disk attached to each node, specified in GB. The smallest allowed
size is 10GB. If unspecified, the default disk size is 100GB. disk size is 10GB. If unspecified, the default disk size is 100GB.
required: false required: false
oauth_scopes: oauth_scopes:
description: description:
- The set of Google API scopes to be made available on all of the node VMs under the - The set of Google API scopes to be made available on all of the node VMs
"default" service account. under the "default" service account.
- 'The following scopes are recommended, but not required, and by default are not - 'The following scopes are recommended, but not required, and by default
included: U(https://www.googleapis.com/auth/compute) is required for mounting persistent are not included: U(https://www.googleapis.com/auth/compute) is required
storage on your nodes.' for mounting persistent storage on your nodes.'
- U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating - U(https://www.googleapis.com/auth/devstorage.read_only) is required for
with gcr.io (the Google Container Registry). communicating with gcr.io (the Google Container Registry).
- If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are - If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring
enabled, in which case their required scopes will be added. are enabled, in which case their required scopes will be added.
required: false required: false
service_account: service_account:
description: description:
- The Google Cloud Platform Service Account to be used by the node VMs. If no Service - The Google Cloud Platform Service Account to be used by the node VMs. If
Account is specified, the "default" service account is used. no Service Account is specified, the "default" service account is used.
required: false required: false
metadata: metadata:
description: description:
- The metadata key/value pairs assigned to instances in the cluster. - The metadata key/value pairs assigned to instances in the cluster.
- 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. - 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes
These are reflected as part of a URL in the metadata server. Additionally, to avoid in length. These are reflected as part of a URL in the metadata server.
ambiguity, keys must not conflict with any other metadata keys for the project or Additionally, to avoid ambiguity, keys must not conflict with any other
be one of the four reserved keys: "instance-template", "kube-env", "startup-script", metadata keys for the project or be one of the four reserved keys: "instance-template",
and "user-data" Values are free-form strings, and only have meaning as interpreted "kube-env", "startup-script", and "user-data" Values are free-form strings,
by the image running in the instance. The only restriction placed on them is that and only have meaning as interpreted by the image running in the instance.
each value''s size must be less than or equal to 32 KB.' The only restriction placed on them is that each value''s size must be less
than or equal to 32 KB.'
- The total size of all keys and values must be less than 512 KB. - The total size of all keys and values must be less than 512 KB.
- 'An object containing a list of "key": value pairs.' - 'An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
required: false required: false
image_type: image_type:
description: description:
- The image type to use for this node. Note that for a given image type, the latest - The image type to use for this node. Note that for a given image type, the
version of it will be used. latest version of it will be used.
required: false required: false
labels: labels:
description: description:
- 'The map of Kubernetes labels (key/value pairs) to be applied to each node. - 'The map of Kubernetes labels (key/value pairs) to be applied to each node.
These will added in addition to any default label(s) that Kubernetes may apply to These will added in addition to any default label(s) that Kubernetes may
the node. In case of conflict in label keys, the applied set may differ depending apply to the node. In case of conflict in label keys, the applied set may
on the Kubernetes version -- it''s best to assume the behavior is undefined and differ depending on the Kubernetes version -- it''s best to assume the behavior
conflicts should be avoided. For more information, including usage and the valid is undefined and conflicts should be avoided. For more information, including
values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html) An object usage and the valid values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html)
containing a list of "key": value pairs.' An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
required: false required: false
local_ssd_count: local_ssd_count:
description: description:
- The number of local SSD disks to be attached to the node. - The number of local SSD disks to be attached to the node.
- 'The limit for this value is dependant upon the maximum number of disks available - 'The limit for this value is dependant upon the maximum number of disks
on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits) for available on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits)
more information.' for more information.'
required: false required: false
tags: tags:
description: description:
- The list of instance tags applied to all nodes. Tags are used to identify valid - The list of instance tags applied to all nodes. Tags are used to identify
sources or targets for network firewalls and are specified by the client during valid sources or targets for network firewalls and are specified by the
cluster or node pool creation. Each tag within the list must comply with RFC1035. client during cluster or node pool creation. Each tag within the list must
comply with RFC1035.
required: false required: false
preemptible: preemptible:
description: description:
@ -137,14 +141,14 @@ options:
type: bool type: bool
initial_node_count: initial_node_count:
description: description:
- The initial node count for the pool. You must ensure that your Compute Engine resource - The initial node count for the pool. You must ensure that your Compute Engine
quota is sufficient for this number of instances. You must also have available firewall resource quota is sufficient for this number of instances. You must also have
and routes quota. available firewall and routes quota.
required: true required: true
autoscaling: autoscaling:
description: description:
- Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid - Autoscaler configuration for this NodePool. Autoscaler is enabled only if a
configuration is present. valid configuration is present.
required: false required: false
suboptions: suboptions:
enabled: enabled:
@ -168,16 +172,17 @@ options:
suboptions: suboptions:
auto_upgrade: auto_upgrade:
description: description:
- A flag that specifies whether node auto-upgrade is enabled for the node pool. If - A flag that specifies whether node auto-upgrade is enabled for the node
enabled, node auto-upgrade helps keep the nodes in your node pool up to date with pool. If enabled, node auto-upgrade helps keep the nodes in your node pool
the latest release version of Kubernetes. up to date with the latest release version of Kubernetes.
required: false required: false
type: bool type: bool
auto_repair: auto_repair:
description: description:
- A flag that specifies whether the node auto-repair is enabled for the node pool. - A flag that specifies whether the node auto-repair is enabled for the node
If enabled, the nodes in this node pool will be monitored and, if they fail health pool. If enabled, the nodes in this node pool will be monitored and, if
checks too many times, an automatic repair action will be triggered. they fail health checks too many times, an automatic repair action will
be triggered.
required: false required: false
type: bool type: bool
upgrade_options: upgrade_options:
@ -187,13 +192,13 @@ options:
suboptions: suboptions:
auto_upgrade_start_time: auto_upgrade_start_time:
description: description:
- This field is set when upgrades are about to commence with the approximate start - This field is set when upgrades are about to commence with the approximate
time for the upgrades, in RFC3339 text format. start time for the upgrades, in RFC3339 text format.
required: false required: false
description: description:
description: description:
- This field is set when upgrades are about to commence with the description of the - This field is set when upgrades are about to commence with the description
upgrade. of the upgrade.
required: false required: false
cluster: cluster:
description: description:
@ -201,8 +206,8 @@ options:
- 'This field represents a link to a Cluster resource in GCP. It can be specified - 'This field represents a link to a Cluster resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_container_cluster in two ways. You can add `register: name-of-resource` to a gcp_container_cluster
task and then set this cluster field to "{{ name-of-resource }}" Alternatively, task and then set this cluster field to "{{ name-of-resource }}" Alternatively,
you can set this cluster to a dictionary with the name key where the value is the you can set this cluster to a dictionary with the name key where the value is
name of your Cluster.' the name of your Cluster'
required: true required: true
zone: zone:
description: description:
@ -225,7 +230,7 @@ EXAMPLES = '''
- name: create a node pool - name: create a node pool
gcp_container_node_pool: gcp_container_node_pool:
name: "test_object" name: my-pool
initial_node_count: 4 initial_node_count: 4
cluster: "{{ cluster }}" cluster: "{{ cluster }}"
zone: us-central1-a zone: us-central1-a
@ -255,39 +260,40 @@ RETURN = '''
type: str type: str
diskSizeGb: diskSizeGb:
description: description:
- Size of the disk attached to each node, specified in GB. The smallest allowed disk - Size of the disk attached to each node, specified in GB. The smallest allowed
size is 10GB. If unspecified, the default disk size is 100GB. disk size is 10GB. If unspecified, the default disk size is 100GB.
returned: success returned: success
type: int type: int
oauthScopes: oauthScopes:
description: description:
- The set of Google API scopes to be made available on all of the node VMs under the - The set of Google API scopes to be made available on all of the node VMs under
"default" service account. the "default" service account.
- 'The following scopes are recommended, but not required, and by default are not - 'The following scopes are recommended, but not required, and by default are
included: U(https://www.googleapis.com/auth/compute) is required for mounting persistent not included: U(https://www.googleapis.com/auth/compute) is required for mounting
storage on your nodes.' persistent storage on your nodes.'
- U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating - U(https://www.googleapis.com/auth/devstorage.read_only) is required for communicating
with gcr.io (the Google Container Registry). with gcr.io (the Google Container Registry).
- If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are - If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring
enabled, in which case their required scopes will be added. are enabled, in which case their required scopes will be added.
returned: success returned: success
type: list type: list
serviceAccount: serviceAccount:
description: description:
- The Google Cloud Platform Service Account to be used by the node VMs. If no Service - The Google Cloud Platform Service Account to be used by the node VMs. If no
Account is specified, the "default" service account is used. Service Account is specified, the "default" service account is used.
returned: success returned: success
type: str type: str
metadata: metadata:
description: description:
- The metadata key/value pairs assigned to instances in the cluster. - The metadata key/value pairs assigned to instances in the cluster.
- 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. - 'Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes
These are reflected as part of a URL in the metadata server. Additionally, to avoid in length. These are reflected as part of a URL in the metadata server. Additionally,
ambiguity, keys must not conflict with any other metadata keys for the project or to avoid ambiguity, keys must not conflict with any other metadata keys for
be one of the four reserved keys: "instance-template", "kube-env", "startup-script", the project or be one of the four reserved keys: "instance-template", "kube-env",
and "user-data" Values are free-form strings, and only have meaning as interpreted "startup-script", and "user-data" Values are free-form strings, and only have
by the image running in the instance. The only restriction placed on them is that meaning as interpreted by the image running in the instance. The only restriction
each value''s size must be less than or equal to 32 KB.' placed on them is that each value''s size must be less than or equal to 32
KB.'
- The total size of all keys and values must be less than 512 KB. - The total size of all keys and values must be less than 512 KB.
- 'An object containing a list of "key": value pairs.' - 'An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
@ -295,19 +301,19 @@ RETURN = '''
type: dict type: dict
imageType: imageType:
description: description:
- The image type to use for this node. Note that for a given image type, the latest - The image type to use for this node. Note that for a given image type, the
version of it will be used. latest version of it will be used.
returned: success returned: success
type: str type: str
labels: labels:
description: description:
- 'The map of Kubernetes labels (key/value pairs) to be applied to each node. - 'The map of Kubernetes labels (key/value pairs) to be applied to each node.
These will added in addition to any default label(s) that Kubernetes may apply to These will added in addition to any default label(s) that Kubernetes may apply
the node. In case of conflict in label keys, the applied set may differ depending to the node. In case of conflict in label keys, the applied set may differ
on the Kubernetes version -- it''s best to assume the behavior is undefined and depending on the Kubernetes version -- it''s best to assume the behavior is
conflicts should be avoided. For more information, including usage and the valid undefined and conflicts should be avoided. For more information, including
values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html) An object usage and the valid values, see: U(http://kubernetes.io/v1.1/docs/user-guide/labels.html)
containing a list of "key": value pairs.' An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
returned: success returned: success
type: dict type: dict
@ -315,15 +321,16 @@ RETURN = '''
description: description:
- The number of local SSD disks to be attached to the node. - The number of local SSD disks to be attached to the node.
- 'The limit for this value is dependant upon the maximum number of disks available - 'The limit for this value is dependant upon the maximum number of disks available
on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits) for on a machine per zone. See: U(https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits)
more information.' for more information.'
returned: success returned: success
type: int type: int
tags: tags:
description: description:
- The list of instance tags applied to all nodes. Tags are used to identify valid - The list of instance tags applied to all nodes. Tags are used to identify
sources or targets for network firewalls and are specified by the client during valid sources or targets for network firewalls and are specified by the client
cluster or node pool creation. Each tag within the list must comply with RFC1035. during cluster or node pool creation. Each tag within the list must comply
with RFC1035.
returned: success returned: success
type: list type: list
preemptible: preemptible:
@ -334,9 +341,9 @@ RETURN = '''
type: bool type: bool
initialNodeCount: initialNodeCount:
description: description:
- The initial node count for the pool. You must ensure that your Compute Engine resource - The initial node count for the pool. You must ensure that your Compute Engine
quota is sufficient for this number of instances. You must also have available firewall resource quota is sufficient for this number of instances. You must also have
and routes quota. available firewall and routes quota.
returned: success returned: success
type: int type: int
version: version:
@ -375,16 +382,16 @@ RETURN = '''
contains: contains:
autoUpgrade: autoUpgrade:
description: description:
- A flag that specifies whether node auto-upgrade is enabled for the node pool. If - A flag that specifies whether node auto-upgrade is enabled for the node pool.
enabled, node auto-upgrade helps keep the nodes in your node pool up to date with If enabled, node auto-upgrade helps keep the nodes in your node pool up to
the latest release version of Kubernetes. date with the latest release version of Kubernetes.
returned: success returned: success
type: bool type: bool
autoRepair: autoRepair:
description: description:
- A flag that specifies whether the node auto-repair is enabled for the node pool. - A flag that specifies whether the node auto-repair is enabled for the node
If enabled, the nodes in this node pool will be monitored and, if they fail health pool. If enabled, the nodes in this node pool will be monitored and, if they
checks too many times, an automatic repair action will be triggered. fail health checks too many times, an automatic repair action will be triggered.
returned: success returned: success
type: bool type: bool
upgradeOptions: upgradeOptions:
@ -395,14 +402,14 @@ RETURN = '''
contains: contains:
autoUpgradeStartTime: autoUpgradeStartTime:
description: description:
- This field is set when upgrades are about to commence with the approximate start - This field is set when upgrades are about to commence with the approximate
time for the upgrades, in RFC3339 text format. start time for the upgrades, in RFC3339 text format.
returned: success returned: success
type: str type: str
description: description:
description: description:
- This field is set when upgrades are about to commence with the description of the - This field is set when upgrades are about to commence with the description
upgrade. of the upgrade.
returned: success returned: success
type: str type: str
cluster: cluster:
@ -630,8 +637,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE', 'ABORTING']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri) op_result = fetch_resource(module, op_uri)
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -731,18 +736,18 @@ class NodePoolManagement(object):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'autoUpgrade': self.request.get('auto_upgrade'), u'autoUpgrade': self.request.get('auto_upgrade'),
u'autoRepair': self.request.get('auto_repair'), u'autoRepair': self.request.get('auto_repair'),
u'upgradeOptions': NodePoolUpgradeOptions(self.request.get('upgrade_options', {}), self.module).to_request() u'upgradeOptions': NodePoolUpgradeoptions(self.request.get('upgrade_options', {}), self.module).to_request()
}) })
def from_response(self): def from_response(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'autoUpgrade': self.request.get(u'autoUpgrade'), u'autoUpgrade': self.request.get(u'autoUpgrade'),
u'autoRepair': self.request.get(u'autoRepair'), u'autoRepair': self.request.get(u'autoRepair'),
u'upgradeOptions': NodePoolUpgradeOptions(self.request.get(u'upgradeOptions', {}), self.module).from_response() u'upgradeOptions': NodePoolUpgradeoptions(self.request.get(u'upgradeOptions', {}), self.module).from_response()
}) })
class NodePoolUpgradeOptions(object): class NodePoolUpgradeoptions(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

24
plugins/modules/gcp_dns_managed_zone.py
View file

@ -45,12 +45,14 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
description: description:
description: description:
- A mutable string of at most 1024 characters associated with this resource for the - A mutable string of at most 1024 characters associated with this resource for
user's convenience. Has no effect on the managed zone's function. the user's convenience. Has no effect on the managed zone's function.
required: false required: false
dns_name: dns_name:
description: description:
@ -63,9 +65,9 @@ options:
required: true required: true
name_server_set: name_server_set:
description: description:
- Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is - Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet
a set of DNS name servers that all host the same ManagedZones. Most users will leave is a set of DNS name servers that all host the same ManagedZones. Most users
this field unset. will leave this field unset.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -85,8 +87,8 @@ EXAMPLES = '''
RETURN = ''' RETURN = '''
description: description:
description: description:
- A mutable string of at most 1024 characters associated with this resource for the - A mutable string of at most 1024 characters associated with this resource for
user's convenience. Has no effect on the managed zone's function. the user's convenience. Has no effect on the managed zone's function.
returned: success returned: success
type: str type: str
dnsName: dnsName:
@ -114,8 +116,8 @@ RETURN = '''
nameServerSet: nameServerSet:
description: description:
- Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is - Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is
a set of DNS name servers that all host the same ManagedZones. Most users will leave a set of DNS name servers that all host the same ManagedZones. Most users will
this field unset. leave this field unset.
returned: success returned: success
type: list type: list
creationTime: creationTime:

14
plugins/modules/gcp_dns_managed_zone_facts.py
View file

@ -43,7 +43,7 @@ requirements:
options: options:
dns_name: dns_name:
description: description:
Restricts the list to return only zones with this domain name. - Restricts the list to return only zones with this domain name.
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -64,8 +64,8 @@ items:
contains: contains:
description: description:
description: description:
- A mutable string of at most 1024 characters associated with this resource for the - A mutable string of at most 1024 characters associated with this resource
user's convenience. Has no effect on the managed zone's function. for the user's convenience. Has no effect on the managed zone's function.
returned: success returned: success
type: str type: str
dnsName: dnsName:
@ -92,9 +92,9 @@ items:
type: list type: list
nameServerSet: nameServerSet:
description: description:
- Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is - Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet
a set of DNS name servers that all host the same ManagedZones. Most users will leave is a set of DNS name servers that all host the same ManagedZones. Most users
this field unset. will leave this field unset.
returned: success returned: success
type: list type: list
creationTime: creationTime:
@ -123,7 +123,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite']
items = fetch_list(module, collection(module), module.params['dns_name']) items = fetch_list(module, collection(module), module.params['dns_name'])

22
plugins/modules/gcp_dns_resource_record_set.py
View file

@ -48,8 +48,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- For example, U(www.example.com.) - For example, U(www.example.com.)
@ -58,7 +60,19 @@ options:
description: description:
- One of valid DNS resource types. - One of valid DNS resource types.
required: true required: true
choices: ['A', 'AAAA', 'CAA', 'CNAME', 'MX', 'NAPTR', 'NS', 'PTR', 'SOA', 'SPF', 'SRV', 'TXT'] choices:
- A
- AAAA
- CAA
- CNAME
- MX
- NAPTR
- NS
- PTR
- SOA
- SPF
- SRV
- TXT
ttl: ttl:
description: description:
- Number of seconds that this ResourceRecordSet can be cached by resolvers. - Number of seconds that this ResourceRecordSet can be cached by resolvers.
@ -75,7 +89,7 @@ options:
in two ways. You can add `register: name-of-resource` to a gcp_dns_managed_zone in two ways. You can add `register: name-of-resource` to a gcp_dns_managed_zone
task and then set this managed_zone field to "{{ name-of-resource }}" Alternatively, task and then set this managed_zone field to "{{ name-of-resource }}" Alternatively,
you can set this managed_zone to a dictionary with the name key where the value you can set this managed_zone to a dictionary with the name key where the value
is the name of your ManagedZone.' is the name of your ManagedZone'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''

4
plugins/modules/gcp_dns_resource_record_set_facts.py
View file

@ -49,7 +49,7 @@ options:
in two ways. You can add `register: name-of-resource` to a gcp_dns_managed_zone in two ways. You can add `register: name-of-resource` to a gcp_dns_managed_zone
task and then set this managed_zone field to "{{ name-of-resource }}" Alternatively, task and then set this managed_zone field to "{{ name-of-resource }}" Alternatively,
you can set this managed_zone to a dictionary with the name key where the value you can set this managed_zone to a dictionary with the name key where the value
is the name of your ManagedZone.' is the name of your ManagedZone'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -115,7 +115,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] module.params['scopes'] = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite']
items = fetch_list(module, collection(module)) items = fetch_list(module, collection(module))

46
plugins/modules/gcp_pubsub_subscription.py
View file

@ -45,8 +45,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- Name of the subscription. - Name of the subscription.
@ -54,11 +56,11 @@ options:
topic: topic:
description: description:
- A reference to a Topic resource. - A reference to a Topic resource.
- 'This field represents a link to a Topic resource in GCP. It can be specified in - 'This field represents a link to a Topic resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_pubsub_topic task and in two ways. You can add `register: name-of-resource` to a gcp_pubsub_topic
then set this topic field to "{{ name-of-resource }}" Alternatively, you can set task and then set this topic field to "{{ name-of-resource }}" Alternatively,
this topic to a dictionary with the name key where the value is the name of your you can set this topic to a dictionary with the name key where the value is
Topic.' the name of your Topic'
required: false required: false
push_config: push_config:
description: description:
@ -74,18 +76,18 @@ options:
required: false required: false
ack_deadline_seconds: ack_deadline_seconds:
description: description:
- This value is the maximum time after a subscriber receives a message before the - This value is the maximum time after a subscriber receives a message before
subscriber should acknowledge the message. After message delivery but before the the subscriber should acknowledge the message. After message delivery but before
ack deadline expires and before the message is acknowledged, it is an outstanding the ack deadline expires and before the message is acknowledged, it is an outstanding
message and will not be delivered again during that time (on a best-effort basis). message and will not be delivered again during that time (on a best-effort basis).
- For pull subscriptions, this value is used as the initial value for the ack deadline. - For pull subscriptions, this value is used as the initial value for the ack
To override this value for a given message, call subscriptions.modifyAckDeadline deadline. To override this value for a given message, call subscriptions.modifyAckDeadline
with the corresponding ackId if using pull. The minimum custom deadline you can with the corresponding ackId if using pull. The minimum custom deadline you
specify is 10 seconds. The maximum custom deadline you can specify is 600 seconds can specify is 10 seconds. The maximum custom deadline you can specify is 600
(10 minutes). seconds (10 minutes).
- If this parameter is 0, a default value of 10 seconds is used. - If this parameter is 0, a default value of 10 seconds is used.
- For push delivery, this value is also used to set the request timeout for the call - For push delivery, this value is also used to set the request timeout for the
to the push endpoint. call to the push endpoint.
- If the subscriber never acknowledges the message, the Pub/Sub system will eventually - If the subscriber never acknowledges the message, the Pub/Sub system will eventually
redeliver the message. redeliver the message.
required: false required: false
@ -152,8 +154,8 @@ RETURN = '''
specify is 10 seconds. The maximum custom deadline you can specify is 600 seconds specify is 10 seconds. The maximum custom deadline you can specify is 600 seconds
(10 minutes). (10 minutes).
- If this parameter is 0, a default value of 10 seconds is used. - If this parameter is 0, a default value of 10 seconds is used.
- For push delivery, this value is also used to set the request timeout for the call - For push delivery, this value is also used to set the request timeout for the
to the push endpoint. call to the push endpoint.
- If the subscriber never acknowledges the message, the Pub/Sub system will eventually - If the subscriber never acknowledges the message, the Pub/Sub system will eventually
redeliver the message. redeliver the message.
returned: success returned: success
@ -235,7 +237,7 @@ def resource_to_request(module):
request = { request = {
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'topic': replace_resource_dict(module.params.get(u'topic', {}), 'name'), u'topic': replace_resource_dict(module.params.get(u'topic', {}), 'name'),
u'pushConfig': SubscriptionPushConfig(module.params.get('push_config', {}), module).to_request(), u'pushConfig': SubscriptionPushconfig(module.params.get('push_config', {}), module).to_request(),
u'ackDeadlineSeconds': module.params.get('ack_deadline_seconds') u'ackDeadlineSeconds': module.params.get('ack_deadline_seconds')
} }
request = encode_request(request, module) request = encode_request(request, module)
@ -308,7 +310,7 @@ def response_to_hash(module, response):
return { return {
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'topic': response.get(u'topic'), u'topic': response.get(u'topic'),
u'pushConfig': SubscriptionPushConfig(response.get(u'pushConfig', {}), module).from_response(), u'pushConfig': SubscriptionPushconfig(response.get(u'pushConfig', {}), module).from_response(),
u'ackDeadlineSeconds': response.get(u'ackDeadlineSeconds') u'ackDeadlineSeconds': response.get(u'ackDeadlineSeconds')
} }
@ -332,7 +334,7 @@ def encode_request(request, module):
return request return request
class SubscriptionPushConfig(object): class SubscriptionPushconfig(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

30
plugins/modules/gcp_pubsub_subscription_facts.py
View file

@ -40,6 +40,7 @@ requirements:
- python >= 2.6 - python >= 2.6
- requests >= 2.18.4 - requests >= 2.18.4
- google-auth >= 1.3.0 - google-auth >= 1.3.0
options: {}
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -83,20 +84,21 @@ items:
type: str type: str
ackDeadlineSeconds: ackDeadlineSeconds:
description: description:
- This value is the maximum time after a subscriber receives a message before the - This value is the maximum time after a subscriber receives a message before
subscriber should acknowledge the message. After message delivery but before the the subscriber should acknowledge the message. After message delivery but
ack deadline expires and before the message is acknowledged, it is an outstanding before the ack deadline expires and before the message is acknowledged, it
message and will not be delivered again during that time (on a best-effort basis). is an outstanding message and will not be delivered again during that time
- For pull subscriptions, this value is used as the initial value for the ack deadline. (on a best-effort basis).
To override this value for a given message, call subscriptions.modifyAckDeadline - For pull subscriptions, this value is used as the initial value for the ack
with the corresponding ackId if using pull. The minimum custom deadline you can deadline. To override this value for a given message, call subscriptions.modifyAckDeadline
specify is 10 seconds. The maximum custom deadline you can specify is 600 seconds with the corresponding ackId if using pull. The minimum custom deadline you
(10 minutes). can specify is 10 seconds. The maximum custom deadline you can specify is
600 seconds (10 minutes).
- If this parameter is 0, a default value of 10 seconds is used. - If this parameter is 0, a default value of 10 seconds is used.
- For push delivery, this value is also used to set the request timeout for the call - For push delivery, this value is also used to set the request timeout for
to the push endpoint. the call to the push endpoint.
- If the subscriber never acknowledges the message, the Pub/Sub system will eventually - If the subscriber never acknowledges the message, the Pub/Sub system will
redeliver the message. eventually redeliver the message.
returned: success returned: success
type: int type: int
''' '''
@ -118,7 +120,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub'] module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub']
items = fetch_list(module, collection(module)) items = fetch_list(module, collection(module))

6
plugins/modules/gcp_pubsub_topic.py
View file

@ -44,8 +44,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- Name of the topic. - Name of the topic.

3
plugins/modules/gcp_pubsub_topic_facts.py
View file

@ -40,6 +40,7 @@ requirements:
- python >= 2.6 - python >= 2.6
- requests >= 2.18.4 - requests >= 2.18.4
- google-auth >= 1.3.0 - google-auth >= 1.3.0
options: {}
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -81,7 +82,7 @@ def main():
) )
) )
if 'scopes' not in module.params: if not module.params['scopes']:
module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub'] module.params['scopes'] = ['https://www.googleapis.com/auth/pubsub']
items = fetch_list(module, collection(module)) items = fetch_list(module, collection(module))

24
plugins/modules/gcp_spanner_database.py
View file

@ -44,8 +44,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- A unique identifier for the database, which cannot be changed after the instance - A unique identifier for the database, which cannot be changed after the instance
@ -54,9 +56,10 @@ options:
required: false required: false
extra_statements: extra_statements:
description: description:
- 'An optional list of DDL statements to run inside the newly created database. Statements - 'An optional list of DDL statements to run inside the newly created database.
can create tables, indexes, etc. These statements execute atomically with the creation Statements can create tables, indexes, etc. These statements execute atomically
of the database: if there is an error in any statement, the database is not created.' with the creation of the database: if there is an error in any statement, the
database is not created.'
required: false required: false
instance: instance:
description: description:
@ -64,8 +67,8 @@ options:
- 'This field represents a link to a Instance resource in GCP. It can be specified - 'This field represents a link to a Instance resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_spanner_instance in two ways. You can add `register: name-of-resource` to a gcp_spanner_instance
task and then set this instance field to "{{ name-of-resource }}" Alternatively, task and then set this instance field to "{{ name-of-resource }}" Alternatively,
you can set this instance to a dictionary with the name key where the value is the you can set this instance to a dictionary with the name key where the value
name of your Instance.' is the name of your Instance'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -105,9 +108,10 @@ RETURN = '''
type: str type: str
extraStatements: extraStatements:
description: description:
- 'An optional list of DDL statements to run inside the newly created database. Statements - 'An optional list of DDL statements to run inside the newly created database.
can create tables, indexes, etc. These statements execute atomically with the creation Statements can create tables, indexes, etc. These statements execute atomically
of the database: if there is an error in any statement, the database is not created.' with the creation of the database: if there is an error in any statement, the
database is not created.'
returned: success returned: success
type: list type: list
instance: instance:

50
plugins/modules/gcp_spanner_instance.py
View file

@ -44,8 +44,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
name: name:
description: description:
- A unique identifier for the instance, which cannot be changed after the instance - A unique identifier for the instance, which cannot be changed after the instance
@ -58,8 +60,8 @@ options:
required: false required: false
display_name: display_name:
description: description:
- The descriptive name for this instance as it appears in UIs. Must be unique per - The descriptive name for this instance as it appears in UIs. Must be unique
project and between 4 and 30 characters in length. per project and between 4 and 30 characters in length.
required: true required: true
node_count: node_count:
description: description:
@ -69,20 +71,20 @@ options:
description: description:
- Cloud Labels are a flexible and lightweight mechanism for organizing cloud resources - Cloud Labels are a flexible and lightweight mechanism for organizing cloud resources
into groups that reflect a customer's organizational needs and deployment strategies. into groups that reflect a customer's organizational needs and deployment strategies.
Cloud Labels can be used to filter collections of resources. They can be used to Cloud Labels can be used to filter collections of resources. They can be used
control how resource metrics are aggregated. And they can be used as arguments to to control how resource metrics are aggregated. And they can be used as arguments
policy management rules (e.g. route, firewall, load balancing, etc.). to policy management rules (e.g. route, firewall, load balancing, etc.).
- 'Label keys must be between 1 and 63 characters long and must conform to the following - 'Label keys must be between 1 and 63 characters long and must conform to the
regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`.' following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`.'
- Label values must be between 0 and 63 characters long and must conform to the regular - Label values must be between 0 and 63 characters long and must conform to the
expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`.
- No more than 64 labels can be associated with a given resource. - No more than 64 labels can be associated with a given resource.
- See U(https://goo.gl/xmQnxf) for more information on and examples of labels. - See U(https://goo.gl/xmQnxf) for more information on and examples of labels.
- 'If you plan to use labels in your own code, please note that additional characters - 'If you plan to use labels in your own code, please note that additional characters
may be allowed in the future. And so you are advised to use an internal label representation, may be allowed in the future. And so you are advised to use an internal label
such as JSON, which doesn''t rely upon specific characters being disallowed. For representation, such as JSON, which doesn''t rely upon specific characters being
example, representing labels as the string: name + "_" + value would prove problematic disallowed. For example, representing labels as the string: name + "_" + value
if we were to allow "_" in a future release.' would prove problematic if we were to allow "_" in a future release.'
- 'An object containing a list of "key": value pairs.' - 'An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
required: false required: false
@ -132,20 +134,20 @@ RETURN = '''
description: description:
- Cloud Labels are a flexible and lightweight mechanism for organizing cloud resources - Cloud Labels are a flexible and lightweight mechanism for organizing cloud resources
into groups that reflect a customer's organizational needs and deployment strategies. into groups that reflect a customer's organizational needs and deployment strategies.
Cloud Labels can be used to filter collections of resources. They can be used to Cloud Labels can be used to filter collections of resources. They can be used
control how resource metrics are aggregated. And they can be used as arguments to to control how resource metrics are aggregated. And they can be used as arguments
policy management rules (e.g. route, firewall, load balancing, etc.). to policy management rules (e.g. route, firewall, load balancing, etc.).
- 'Label keys must be between 1 and 63 characters long and must conform to the following - 'Label keys must be between 1 and 63 characters long and must conform to the following
regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`.' regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`.'
- Label values must be between 0 and 63 characters long and must conform to the regular - Label values must be between 0 and 63 characters long and must conform to the
expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`.
- No more than 64 labels can be associated with a given resource. - No more than 64 labels can be associated with a given resource.
- See U(https://goo.gl/xmQnxf) for more information on and examples of labels. - See U(https://goo.gl/xmQnxf) for more information on and examples of labels.
- 'If you plan to use labels in your own code, please note that additional characters - 'If you plan to use labels in your own code, please note that additional characters
may be allowed in the future. And so you are advised to use an internal label representation, may be allowed in the future. And so you are advised to use an internal label
such as JSON, which doesn''t rely upon specific characters being disallowed. For representation, such as JSON, which doesn''t rely upon specific characters being
example, representing labels as the string: name + "_" + value would prove problematic disallowed. For example, representing labels as the string: name + "_" + value
if we were to allow "_" in a future release.' would prove problematic if we were to allow "_" in a future release.'
- 'An object containing a list of "key": value pairs.' - 'An object containing a list of "key": value pairs.'
- 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.' - 'Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.'
returned: success returned: success

22
plugins/modules/gcp_sql_database.py
View file

@ -44,8 +44,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
charset: charset:
description: description:
- The MySQL charset value. - The MySQL charset value.
@ -63,10 +65,10 @@ options:
description: description:
- The name of the Cloud SQL instance. This does not include the project ID. - The name of the Cloud SQL instance. This does not include the project ID.
- 'This field represents a link to a Instance resource in GCP. It can be specified - 'This field represents a link to a Instance resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_sql_instance task in two ways. You can add `register: name-of-resource` to a gcp_sql_instance
and then set this instance field to "{{ name-of-resource }}" Alternatively, you task and then set this instance field to "{{ name-of-resource }}" Alternatively,
can set this instance to a dictionary with the name key where the value is the name you can set this instance to a dictionary with the name key where the value
of your Instance.' is the name of your Instance'
required: true required: true
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -234,7 +236,7 @@ def collection(module):
def return_if_object(module, response, kind, allow_not_found=False): def return_if_object(module, response, kind, allow_not_found=False):
# If not found, return nothing. # If not found, return nothing.
if response.status_code == 404: if allow_not_found and response.status_code == 404:
return None return None
# If no content, return nothing. # If no content, return nothing.
@ -242,7 +244,7 @@ def return_if_object(module, response, kind, allow_not_found=False):
return None return None
# SQL only: return on 403 if not exist # SQL only: return on 403 if not exist
if response.status_code == 403: if allow_not_found and response.status_code == 403:
return None return None
try: try:
@ -252,8 +254,6 @@ def return_if_object(module, response, kind, allow_not_found=False):
if navigate_hash(result, ['error', 'errors']): if navigate_hash(result, ['error', 'errors']):
module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) module.fail_json(msg=navigate_hash(result, ['error', 'errors']))
if result['kind'] != kind:
module.fail_json(msg="Incorrect result: {kind}".format(**result))
return result return result
@ -310,8 +310,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'sql#operation') op_result = fetch_resource(module, op_uri, 'sql#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

285
plugins/modules/gcp_sql_instance.py
View file

@ -46,46 +46,55 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
backend_type: backend_type:
description: description:
- "* FIRST_GEN: First Generation instance. MySQL only." - "* FIRST_GEN: First Generation instance. MySQL only."
- "* SECOND_GEN: Second Generation instance or PostgreSQL instance." - "* SECOND_GEN: Second Generation instance or PostgreSQL instance."
- "* EXTERNAL: A database server that is not managed by Google." - "* EXTERNAL: A database server that is not managed by Google."
required: false required: false
choices: ['FIRST_GEN', 'SECOND_GEN', 'EXTERNAL'] choices:
- FIRST_GEN
- SECOND_GEN
- EXTERNAL
connection_name: connection_name:
description: description:
- Connection name of the Cloud SQL instance used in connection strings. - Connection name of the Cloud SQL instance used in connection strings.
required: false required: false
database_version: database_version:
description: description:
- The database engine type and version. For First Generation instances, can be MYSQL_5_5, - The database engine type and version. For First Generation instances, can be
or MYSQL_5_6. For Second Generation instances, can be MYSQL_5_6 or MYSQL_5_7. Defaults MYSQL_5_5, or MYSQL_5_6. For Second Generation instances, can be MYSQL_5_6 or
to MYSQL_5_6. MYSQL_5_7. Defaults to MYSQL_5_6.
- 'PostgreSQL instances: POSTGRES_9_6 The databaseVersion property can not be changed - 'PostgreSQL instances: POSTGRES_9_6 The databaseVersion property can not be
after instance creation.' changed after instance creation.'
required: false required: false
choices: ['MYSQL_5_5', 'MYSQL_5_6', 'MYSQL_5_7', 'POSTGRES_9_6'] choices:
- MYSQL_5_5
- MYSQL_5_6
- MYSQL_5_7
- POSTGRES_9_6
failover_replica: failover_replica:
description: description:
- The name and status of the failover replica. This property is applicable only to - The name and status of the failover replica. This property is applicable only
Second Generation instances. to Second Generation instances.
required: false required: false
suboptions: suboptions:
available: available:
description: description:
- The availability status of the failover replica. A false status indicates that the - The availability status of the failover replica. A false status indicates
failover replica is out of sync. The master can only failover to the falover replica that the failover replica is out of sync. The master can only failover to
when the status is true. the falover replica when the status is true.
required: false required: false
type: bool type: bool
name: name:
description: description:
- The name of the failover replica. If specified at instance creation, a failover - The name of the failover replica. If specified at instance creation, a failover
replica is created for the instance. The name doesn't include the project ID. This replica is created for the instance. The name doesn't include the project
property is applicable only to Second Generation instances. ID. This property is applicable only to Second Generation instances.
required: false required: false
instance_type: instance_type:
description: description:
@ -94,11 +103,14 @@ options:
- "* ON_PREMISES_INSTANCE: An instance running on the customer's premises." - "* ON_PREMISES_INSTANCE: An instance running on the customer's premises."
- "* READ_REPLICA_INSTANCE: A Cloud SQL instance configured as a read-replica." - "* READ_REPLICA_INSTANCE: A Cloud SQL instance configured as a read-replica."
required: false required: false
choices: ['CLOUD_SQL_INSTANCE', 'ON_PREMISES_INSTANCE', 'READ_REPLICA_INSTANCE'] choices:
- CLOUD_SQL_INSTANCE
- ON_PREMISES_INSTANCE
- READ_REPLICA_INSTANCE
ipv6_address: ipv6_address:
description: description:
- The IPv6 address assigned to the instance. This property is applicable only to First - The IPv6 address assigned to the instance. This property is applicable only
Generation instances. to First Generation instances.
required: false required: false
master_instance_name: master_instance_name:
description: description:
@ -114,8 +126,8 @@ options:
required: true required: true
region: region:
description: description:
- The geographical region. Defaults to us-central or us-central1 depending on the - The geographical region. Defaults to us-central or us-central1 depending on
instance type (First Generation or Second Generation/PostgreSQL). the instance type (First Generation or Second Generation/PostgreSQL).
required: false required: false
replica_configuration: replica_configuration:
description: description:
@ -124,21 +136,21 @@ options:
suboptions: suboptions:
failover_target: failover_target:
description: description:
- Specifies if the replica is the failover target. If the field is set to true the - Specifies if the replica is the failover target. If the field is set to
replica will be designated as a failover replica. true the replica will be designated as a failover replica.
- In case the master instance fails, the replica instance will be promoted as the - In case the master instance fails, the replica instance will be promoted
new master instance. as the new master instance.
- Only one replica can be specified as failover target, and the replica has to be - Only one replica can be specified as failover target, and the replica has
in different zone with the master instance. to be in different zone with the master instance.
required: false required: false
type: bool type: bool
mysql_replica_configuration: mysql_replica_configuration:
description: description:
- MySQL specific configuration when replicating from a MySQL on-premises master. Replication - MySQL specific configuration when replicating from a MySQL on-premises master.
configuration information such as the username, password, certificates, and keys Replication configuration information such as the username, password, certificates,
are not stored in the instance metadata. The configuration information is used and keys are not stored in the instance metadata. The configuration information
only to set up the replication connection and is stored by MySQL in a file named is used only to set up the replication connection and is stored by MySQL
master.info in the data directory. in a file named master.info in the data directory.
required: false required: false
suboptions: suboptions:
ca_certificate: ca_certificate:
@ -151,8 +163,8 @@ options:
required: false required: false
client_key: client_key:
description: description:
- PEM representation of the slave's private key. The corresponsing public key is encoded - PEM representation of the slave's private key. The corresponsing public
in the client's asf asd certificate. key is encoded in the client's asf asd certificate.
required: false required: false
connect_retry_interval: connect_retry_interval:
description: description:
@ -160,11 +172,11 @@ options:
required: false required: false
dump_file_path: dump_file_path:
description: description:
- Path to a SQL dump file in Google Cloud Storage from which the slave instance is - Path to a SQL dump file in Google Cloud Storage from which the slave
to be created. The URI is in the form gs://bucketName/fileName. Compressed gzip instance is to be created. The URI is in the form gs://bucketName/fileName.
files (.gz) are also supported. Dumps should have the binlog co-ordinates from which Compressed gzip files (.gz) are also supported. Dumps should have the
replication should begin. This can be accomplished by setting --master-data to 1 binlog co-ordinates from which replication should begin. This can be
when using mysqldump. accomplished by setting --master-data to 1 when using mysqldump.
required: false required: false
master_heartbeat_period: master_heartbeat_period:
description: description:
@ -184,8 +196,8 @@ options:
required: false required: false
verify_server_certificate: verify_server_certificate:
description: description:
- Whether or not to check the master's Common Name value in the certificate that it - Whether or not to check the master's Common Name value in the certificate
sends during the SSL handshake. that it sends during the SSL handshake.
required: false required: false
type: bool type: bool
replica_names: replica_names:
@ -194,8 +206,8 @@ options:
required: false required: false
service_account_email_address: service_account_email_address:
description: description:
- The service account email address assigned to the instance. This property is applicable - The service account email address assigned to the instance. This property
only to Second Generation instances. is applicable only to Second Generation instances.
required: false required: false
settings: settings:
description: description:
@ -204,9 +216,9 @@ options:
suboptions: suboptions:
ip_configuration: ip_configuration:
description: description:
- The settings for IP Management. This allows to enable or disable the instance IP - The settings for IP Management. This allows to enable or disable the instance
and manage which external networks can connect to the instance. The IPv4 address IP and manage which external networks can connect to the instance. The IPv4
cannot be disabled for Second Generation instances. address cannot be disabled for Second Generation instances.
required: false required: false
suboptions: suboptions:
ipv4_enabled: ipv4_enabled:
@ -216,14 +228,15 @@ options:
type: bool type: bool
authorized_networks: authorized_networks:
description: description:
- The list of external networks that are allowed to connect to the instance using - The list of external networks that are allowed to connect to the instance
the IP. In CIDR notation, also known as 'slash' notation (e.g. 192.168.100.0/24). using the IP. In CIDR notation, also known as 'slash' notation (e.g.
192.168.100.0/24).
required: false required: false
suboptions: suboptions:
expiration_time: expiration_time:
description: description:
- The time when this access control entry expires in RFC 3339 format, for example - The time when this access control entry expires in RFC 3339 format,
2012-11-15T16:19:00.094Z. for example 2012-11-15T16:19:00.094Z.
required: false required: false
name: name:
description: description:
@ -231,26 +244,28 @@ options:
required: false required: false
value: value:
description: description:
- The whitelisted value for the access control list. For example, to grant access - The whitelisted value for the access control list. For example,
to a client from an external IP (IPv4 or IPv6) address or subnet, use that address to grant access to a client from an external IP (IPv4 or IPv6) address
or subnet here. or subnet, use that address or subnet here.
required: false required: false
require_ssl: require_ssl:
description: description:
- Whether the mysqld should default to 'REQUIRE X509' for users connecting over IP. - Whether the mysqld should default to 'REQUIRE X509' for users connecting
over IP.
required: false required: false
type: bool type: bool
tier: tier:
description: description:
- The tier or machine type for this instance, for example db-n1-standard-1. For MySQL - The tier or machine type for this instance, for example db-n1-standard-1.
instances, this field determines whether the instance is Second Generation (recommended) For MySQL instances, this field determines whether the instance is Second
or First Generation. Generation (recommended) or First Generation.
required: false required: false
settings_version: settings_version:
description: description:
- The version of instance settings. This is a required field for update method to - The version of instance settings. This is a required field for update method
make sure concurrent updates are handled properly. During update, use the most to make sure concurrent updates are handled properly. During update, use
recent settingsVersion value for this instance and do not try to update this value. the most recent settingsVersion value for this instance and do not try to
update this value.
required: false required: false
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -288,31 +303,31 @@ RETURN = '''
databaseVersion: databaseVersion:
description: description:
- The database engine type and version. For First Generation instances, can be MYSQL_5_5, - The database engine type and version. For First Generation instances, can be MYSQL_5_5,
or MYSQL_5_6. For Second Generation instances, can be MYSQL_5_6 or MYSQL_5_7. Defaults or MYSQL_5_6. For Second Generation instances, can be MYSQL_5_6 or MYSQL_5_7.
to MYSQL_5_6. Defaults to MYSQL_5_6.
- 'PostgreSQL instances: POSTGRES_9_6 The databaseVersion property can not be changed - 'PostgreSQL instances: POSTGRES_9_6 The databaseVersion property can not be changed
after instance creation.' after instance creation.'
returned: success returned: success
type: str type: str
failoverReplica: failoverReplica:
description: description:
- The name and status of the failover replica. This property is applicable only to - The name and status of the failover replica. This property is applicable only
Second Generation instances. to Second Generation instances.
returned: success returned: success
type: complex type: complex
contains: contains:
available: available:
description: description:
- The availability status of the failover replica. A false status indicates that the - The availability status of the failover replica. A false status indicates
failover replica is out of sync. The master can only failover to the falover replica that the failover replica is out of sync. The master can only failover to
when the status is true. the falover replica when the status is true.
returned: success returned: success
type: bool type: bool
name: name:
description: description:
- The name of the failover replica. If specified at instance creation, a failover - The name of the failover replica. If specified at instance creation, a failover
replica is created for the instance. The name doesn't include the project ID. This replica is created for the instance. The name doesn't include the project
property is applicable only to Second Generation instances. ID. This property is applicable only to Second Generation instances.
returned: success returned: success
type: str type: str
instanceType: instanceType:
@ -342,15 +357,15 @@ RETURN = '''
type: str type: str
type: type:
description: description:
- The type of this IP address. A PRIMARY address is an address that can accept incoming - The type of this IP address. A PRIMARY address is an address that can accept
connections. An OUTGOING address is the source address of connections originating incoming connections. An OUTGOING address is the source address of connections
from the instance, if supported. originating from the instance, if supported.
returned: success returned: success
type: str type: str
ipv6Address: ipv6Address:
description: description:
- The IPv6 address assigned to the instance. This property is applicable only to First - The IPv6 address assigned to the instance. This property is applicable only to
Generation instances. First Generation instances.
returned: success returned: success
type: str type: str
masterInstanceName: masterInstanceName:
@ -382,21 +397,21 @@ RETURN = '''
contains: contains:
failoverTarget: failoverTarget:
description: description:
- Specifies if the replica is the failover target. If the field is set to true the - Specifies if the replica is the failover target. If the field is set to true
replica will be designated as a failover replica. the replica will be designated as a failover replica.
- In case the master instance fails, the replica instance will be promoted as the - In case the master instance fails, the replica instance will be promoted as
new master instance. the new master instance.
- Only one replica can be specified as failover target, and the replica has to be - Only one replica can be specified as failover target, and the replica has
in different zone with the master instance. to be in different zone with the master instance.
returned: success returned: success
type: bool type: bool
mysqlReplicaConfiguration: mysqlReplicaConfiguration:
description: description:
- MySQL specific configuration when replicating from a MySQL on-premises master. Replication - MySQL specific configuration when replicating from a MySQL on-premises master.
configuration information such as the username, password, certificates, and keys Replication configuration information such as the username, password, certificates,
are not stored in the instance metadata. The configuration information is used and keys are not stored in the instance metadata. The configuration information
only to set up the replication connection and is stored by MySQL in a file named is used only to set up the replication connection and is stored by MySQL in
master.info in the data directory. a file named master.info in the data directory.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -412,8 +427,8 @@ RETURN = '''
type: str type: str
clientKey: clientKey:
description: description:
- PEM representation of the slave's private key. The corresponsing public key is encoded - PEM representation of the slave's private key. The corresponsing public
in the client's asf asd certificate. key is encoded in the client's asf asd certificate.
returned: success returned: success
type: str type: str
connectRetryInterval: connectRetryInterval:
@ -423,11 +438,11 @@ RETURN = '''
type: int type: int
dumpFilePath: dumpFilePath:
description: description:
- Path to a SQL dump file in Google Cloud Storage from which the slave instance is - Path to a SQL dump file in Google Cloud Storage from which the slave instance
to be created. The URI is in the form gs://bucketName/fileName. Compressed gzip is to be created. The URI is in the form gs://bucketName/fileName. Compressed
files (.gz) are also supported. Dumps should have the binlog co-ordinates from which gzip files (.gz) are also supported. Dumps should have the binlog co-ordinates
replication should begin. This can be accomplished by setting --master-data to 1 from which replication should begin. This can be accomplished by setting
when using mysqldump. --master-data to 1 when using mysqldump.
returned: success returned: success
type: str type: str
masterHeartbeatPeriod: masterHeartbeatPeriod:
@ -452,8 +467,8 @@ RETURN = '''
type: str type: str
verifyServerCertificate: verifyServerCertificate:
description: description:
- Whether or not to check the master's Common Name value in the certificate that it - Whether or not to check the master's Common Name value in the certificate
sends during the SSL handshake. that it sends during the SSL handshake.
returned: success returned: success
type: bool type: bool
replicaNames: replicaNames:
@ -463,8 +478,8 @@ RETURN = '''
type: list type: list
serviceAccountEmailAddress: serviceAccountEmailAddress:
description: description:
- The service account email address assigned to the instance. This property is applicable - The service account email address assigned to the instance. This property
only to Second Generation instances. is applicable only to Second Generation instances.
returned: success returned: success
type: str type: str
settings: settings:
@ -475,9 +490,9 @@ RETURN = '''
contains: contains:
ipConfiguration: ipConfiguration:
description: description:
- The settings for IP Management. This allows to enable or disable the instance IP - The settings for IP Management. This allows to enable or disable the instance
and manage which external networks can connect to the instance. The IPv4 address IP and manage which external networks can connect to the instance. The IPv4
cannot be disabled for Second Generation instances. address cannot be disabled for Second Generation instances.
returned: success returned: success
type: complex type: complex
contains: contains:
@ -488,15 +503,15 @@ RETURN = '''
type: bool type: bool
authorizedNetworks: authorizedNetworks:
description: description:
- The list of external networks that are allowed to connect to the instance using - The list of external networks that are allowed to connect to the instance
the IP. In CIDR notation, also known as 'slash' notation (e.g. 192.168.100.0/24). using the IP. In CIDR notation, also known as 'slash' notation (e.g. 192.168.100.0/24).
returned: success returned: success
type: complex type: complex
contains: contains:
expirationTime: expirationTime:
description: description:
- The time when this access control entry expires in RFC 3339 format, for example - The time when this access control entry expires in RFC 3339 format,
2012-11-15T16:19:00.094Z. for example 2012-11-15T16:19:00.094Z.
returned: success returned: success
type: str type: str
name: name:
@ -506,28 +521,30 @@ RETURN = '''
type: str type: str
value: value:
description: description:
- The whitelisted value for the access control list. For example, to grant access - The whitelisted value for the access control list. For example, to
to a client from an external IP (IPv4 or IPv6) address or subnet, use that address grant access to a client from an external IP (IPv4 or IPv6) address
or subnet here. or subnet, use that address or subnet here.
returned: success returned: success
type: str type: str
requireSsl: requireSsl:
description: description:
- Whether the mysqld should default to 'REQUIRE X509' for users connecting over IP. - Whether the mysqld should default to 'REQUIRE X509' for users connecting
over IP.
returned: success returned: success
type: bool type: bool
tier: tier:
description: description:
- The tier or machine type for this instance, for example db-n1-standard-1. For MySQL - The tier or machine type for this instance, for example db-n1-standard-1.
instances, this field determines whether the instance is Second Generation (recommended) For MySQL instances, this field determines whether the instance is Second
or First Generation. Generation (recommended) or First Generation.
returned: success returned: success
type: str type: str
settingsVersion: settingsVersion:
description: description:
- The version of instance settings. This is a required field for update method to - The version of instance settings. This is a required field for update method
make sure concurrent updates are handled properly. During update, use the most to make sure concurrent updates are handled properly. During update, use the
recent settingsVersion value for this instance and do not try to update this value. most recent settingsVersion value for this instance and do not try to update
this value.
returned: success returned: success
type: int type: int
''' '''
@ -649,14 +666,14 @@ def resource_to_request(module):
u'backendType': module.params.get('backend_type'), u'backendType': module.params.get('backend_type'),
u'connectionName': module.params.get('connection_name'), u'connectionName': module.params.get('connection_name'),
u'databaseVersion': module.params.get('database_version'), u'databaseVersion': module.params.get('database_version'),
u'failoverReplica': InstanceFailoverReplica(module.params.get('failover_replica', {}), module).to_request(), u'failoverReplica': InstanceFailoverreplica(module.params.get('failover_replica', {}), module).to_request(),
u'instanceType': module.params.get('instance_type'), u'instanceType': module.params.get('instance_type'),
u'ipv6Address': module.params.get('ipv6_address'), u'ipv6Address': module.params.get('ipv6_address'),
u'masterInstanceName': module.params.get('master_instance_name'), u'masterInstanceName': module.params.get('master_instance_name'),
u'maxDiskSize': module.params.get('max_disk_size'), u'maxDiskSize': module.params.get('max_disk_size'),
u'name': module.params.get('name'), u'name': module.params.get('name'),
u'region': module.params.get('region'), u'region': module.params.get('region'),
u'replicaConfiguration': InstanceReplicaConfiguration(module.params.get('replica_configuration', {}), module).to_request(), u'replicaConfiguration': InstanceReplicaconfiguration(module.params.get('replica_configuration', {}), module).to_request(),
u'settings': InstanceSettings(module.params.get('settings', {}), module).to_request() u'settings': InstanceSettings(module.params.get('settings', {}), module).to_request()
} }
return_vals = {} return_vals = {}
@ -682,7 +699,7 @@ def collection(module):
def return_if_object(module, response, kind, allow_not_found=False): def return_if_object(module, response, kind, allow_not_found=False):
# If not found, return nothing. # If not found, return nothing.
if response.status_code == 404: if allow_not_found and response.status_code == 404:
return None return None
# If no content, return nothing. # If no content, return nothing.
@ -690,7 +707,7 @@ def return_if_object(module, response, kind, allow_not_found=False):
return None return None
# SQL only: return on 403 if not exist # SQL only: return on 403 if not exist
if response.status_code == 403: if allow_not_found and response.status_code == 403:
return None return None
try: try:
@ -700,8 +717,6 @@ def return_if_object(module, response, kind, allow_not_found=False):
if navigate_hash(result, ['error', 'errors']): if navigate_hash(result, ['error', 'errors']):
module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) module.fail_json(msg=navigate_hash(result, ['error', 'errors']))
if result['kind'] != kind:
module.fail_json(msg="Incorrect result: {kind}".format(**result))
return result return result
@ -731,15 +746,15 @@ def response_to_hash(module, response):
u'backendType': response.get(u'backendType'), u'backendType': response.get(u'backendType'),
u'connectionName': response.get(u'connectionName'), u'connectionName': response.get(u'connectionName'),
u'databaseVersion': response.get(u'databaseVersion'), u'databaseVersion': response.get(u'databaseVersion'),
u'failoverReplica': InstanceFailoverReplica(response.get(u'failoverReplica', {}), module).from_response(), u'failoverReplica': InstanceFailoverreplica(response.get(u'failoverReplica', {}), module).from_response(),
u'instanceType': response.get(u'instanceType'), u'instanceType': response.get(u'instanceType'),
u'ipAddresses': InstanceIpAddressesArray(response.get(u'ipAddresses', []), module).from_response(), u'ipAddresses': InstanceIpaddressesArray(response.get(u'ipAddresses', []), module).from_response(),
u'ipv6Address': response.get(u'ipv6Address'), u'ipv6Address': response.get(u'ipv6Address'),
u'masterInstanceName': response.get(u'masterInstanceName'), u'masterInstanceName': response.get(u'masterInstanceName'),
u'maxDiskSize': response.get(u'maxDiskSize'), u'maxDiskSize': response.get(u'maxDiskSize'),
u'name': response.get(u'name'), u'name': response.get(u'name'),
u'region': response.get(u'region'), u'region': response.get(u'region'),
u'replicaConfiguration': InstanceReplicaConfiguration(response.get(u'replicaConfiguration', {}), module).from_response(), u'replicaConfiguration': InstanceReplicaconfiguration(response.get(u'replicaConfiguration', {}), module).from_response(),
u'settings': InstanceSettings(response.get(u'settings', {}), module).from_response() u'settings': InstanceSettings(response.get(u'settings', {}), module).from_response()
} }
@ -768,8 +783,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'sql#operation') op_result = fetch_resource(module, op_uri, 'sql#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result
@ -781,7 +794,7 @@ def raise_if_errors(response, err_path, module):
module.fail_json(msg=errors) module.fail_json(msg=errors)
class InstanceFailoverReplica(object): class InstanceFailoverreplica(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -802,7 +815,7 @@ class InstanceFailoverReplica(object):
}) })
class InstanceIpAddressesArray(object): class InstanceIpaddressesArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -837,7 +850,7 @@ class InstanceIpAddressesArray(object):
}) })
class InstanceReplicaConfiguration(object): class InstanceReplicaconfiguration(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -848,7 +861,7 @@ class InstanceReplicaConfiguration(object):
def to_request(self): def to_request(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'failoverTarget': self.request.get('failover_target'), u'failoverTarget': self.request.get('failover_target'),
u'mysqlReplicaConfiguration': InstanceMysqlReplicaConfiguration(self.request.get('mysql_replica_configuration', {}), self.module).to_request(), u'mysqlReplicaConfiguration': InstanceMysqlreplicaconfiguration(self.request.get('mysql_replica_configuration', {}), self.module).to_request(),
u'replicaNames': self.request.get('replica_names'), u'replicaNames': self.request.get('replica_names'),
u'serviceAccountEmailAddress': self.request.get('service_account_email_address') u'serviceAccountEmailAddress': self.request.get('service_account_email_address')
}) })
@ -856,13 +869,13 @@ class InstanceReplicaConfiguration(object):
def from_response(self): def from_response(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'failoverTarget': self.request.get(u'failoverTarget'), u'failoverTarget': self.request.get(u'failoverTarget'),
u'mysqlReplicaConfiguration': InstanceMysqlReplicaConfiguration(self.request.get(u'mysqlReplicaConfiguration', {}), self.module).from_response(), u'mysqlReplicaConfiguration': InstanceMysqlreplicaconfiguration(self.request.get(u'mysqlReplicaConfiguration', {}), self.module).from_response(),
u'replicaNames': self.request.get(u'replicaNames'), u'replicaNames': self.request.get(u'replicaNames'),
u'serviceAccountEmailAddress': self.request.get(u'serviceAccountEmailAddress') u'serviceAccountEmailAddress': self.request.get(u'serviceAccountEmailAddress')
}) })
class InstanceMysqlReplicaConfiguration(object): class InstanceMysqlreplicaconfiguration(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -909,20 +922,20 @@ class InstanceSettings(object):
def to_request(self): def to_request(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'ipConfiguration': InstanceIpConfiguration(self.request.get('ip_configuration', {}), self.module).to_request(), u'ipConfiguration': InstanceIpconfiguration(self.request.get('ip_configuration', {}), self.module).to_request(),
u'tier': self.request.get('tier'), u'tier': self.request.get('tier'),
u'settingsVersion': self.request.get('settings_version') u'settingsVersion': self.request.get('settings_version')
}) })
def from_response(self): def from_response(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'ipConfiguration': InstanceIpConfiguration(self.request.get(u'ipConfiguration', {}), self.module).from_response(), u'ipConfiguration': InstanceIpconfiguration(self.request.get(u'ipConfiguration', {}), self.module).from_response(),
u'tier': self.request.get(u'tier'), u'tier': self.request.get(u'tier'),
u'settingsVersion': self.request.get(u'settingsVersion') u'settingsVersion': self.request.get(u'settingsVersion')
}) })
class InstanceIpConfiguration(object): class InstanceIpconfiguration(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -933,19 +946,19 @@ class InstanceIpConfiguration(object):
def to_request(self): def to_request(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'ipv4Enabled': self.request.get('ipv4_enabled'), u'ipv4Enabled': self.request.get('ipv4_enabled'),
u'authorizedNetworks': InstanceAuthorizedNetworksArray(self.request.get('authorized_networks', []), self.module).to_request(), u'authorizedNetworks': InstanceAuthorizednetworksArray(self.request.get('authorized_networks', []), self.module).to_request(),
u'requireSsl': self.request.get('require_ssl') u'requireSsl': self.request.get('require_ssl')
}) })
def from_response(self): def from_response(self):
return remove_nones_from_dict({ return remove_nones_from_dict({
u'ipv4Enabled': self.request.get(u'ipv4Enabled'), u'ipv4Enabled': self.request.get(u'ipv4Enabled'),
u'authorizedNetworks': InstanceAuthorizedNetworksArray(self.request.get(u'authorizedNetworks', []), self.module).from_response(), u'authorizedNetworks': InstanceAuthorizednetworksArray(self.request.get(u'authorizedNetworks', []), self.module).from_response(),
u'requireSsl': self.request.get(u'requireSsl') u'requireSsl': self.request.get(u'requireSsl')
}) })
class InstanceAuthorizedNetworksArray(object): class InstanceAuthorizednetworksArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

26
plugins/modules/gcp_sql_user.py
View file

@ -44,13 +44,15 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
host: host:
description: description:
- The host name from which the user can connect. For insert operations, host defaults - The host name from which the user can connect. For insert operations, host defaults
to an empty string. For update operations, host is specified as part of the request to an empty string. For update operations, host is specified as part of the
URL. The host name cannot be updated after insertion. request URL. The host name cannot be updated after insertion.
required: true required: true
name: name:
description: description:
@ -60,10 +62,10 @@ options:
description: description:
- The name of the Cloud SQL instance. This does not include the project ID. - The name of the Cloud SQL instance. This does not include the project ID.
- 'This field represents a link to a Instance resource in GCP. It can be specified - 'This field represents a link to a Instance resource in GCP. It can be specified
in two ways. You can add `register: name-of-resource` to a gcp_sql_instance task in two ways. You can add `register: name-of-resource` to a gcp_sql_instance
and then set this instance field to "{{ name-of-resource }}" Alternatively, you task and then set this instance field to "{{ name-of-resource }}" Alternatively,
can set this instance to a dictionary with the name key where the value is the name you can set this instance to a dictionary with the name key where the value
of your Instance.' is the name of your Instance'
required: true required: true
password: password:
description: description:
@ -278,7 +280,7 @@ def collection(module):
def return_if_object(module, response, kind, allow_not_found=False): def return_if_object(module, response, kind, allow_not_found=False):
# If not found, return nothing. # If not found, return nothing.
if response.status_code == 404: if allow_not_found and response.status_code == 404:
return None return None
# If no content, return nothing. # If no content, return nothing.
@ -286,7 +288,7 @@ def return_if_object(module, response, kind, allow_not_found=False):
return None return None
# SQL only: return on 403 if not exist # SQL only: return on 403 if not exist
if response.status_code == 403: if allow_not_found and response.status_code == 403:
return None return None
try: try:
@ -296,8 +298,6 @@ def return_if_object(module, response, kind, allow_not_found=False):
if navigate_hash(result, ['error', 'errors']): if navigate_hash(result, ['error', 'errors']):
module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) module.fail_json(msg=navigate_hash(result, ['error', 'errors']))
if result['kind'] != kind:
module.fail_json(msg="Incorrect result: {kind}".format(**result))
return result return result
@ -353,8 +353,6 @@ def wait_for_completion(status, op_result, module):
while status != 'DONE': while status != 'DONE':
raise_if_errors(op_result, ['error', 'errors'], 'message') raise_if_errors(op_result, ['error', 'errors'], 'message')
time.sleep(1.0) time.sleep(1.0)
if status not in ['PENDING', 'RUNNING', 'DONE']:
module.fail_json(msg="Invalid result %s" % status)
op_result = fetch_resource(module, op_uri, 'sql#operation') op_result = fetch_resource(module, op_uri, 'sql#operation')
status = navigate_hash(op_result, ['status']) status = navigate_hash(op_result, ['status'])
return op_result return op_result

274
plugins/modules/gcp_storage_bucket.py
View file

@ -49,8 +49,10 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
acl: acl:
description: description:
- Access controls on the bucket. - Access controls on the bucket.
@ -59,11 +61,11 @@ options:
bucket: bucket:
description: description:
- The name of the bucket. - The name of the bucket.
- 'This field represents a link to a Bucket resource in GCP. It can be specified in - 'This field represents a link to a Bucket resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_storage_bucket task in two ways. You can add `register: name-of-resource` to a gcp_storage_bucket
and then set this bucket field to "{{ name-of-resource }}" Alternatively, you can task and then set this bucket field to "{{ name-of-resource }}" Alternatively,
set this bucket to a dictionary with the name key where the value is the name of you can set this bucket to a dictionary with the name key where the value
your Bucket.' is the name of your Bucket'
required: true required: true
domain: domain:
description: description:
@ -76,12 +78,12 @@ options:
entity: entity:
description: description:
- 'The entity holding the permission, in one of the following forms: user-userId - 'The entity holding the permission, in one of the following forms: user-userId
user-email group-groupId group-email domain-domain project-team-projectId allUsers user-email group-groupId group-email domain-domain project-team-projectId
allAuthenticatedUsers Examples: The user liz@example.com would be allUsers allAuthenticatedUsers Examples: The user liz@example.com would
user-liz@example.com.' be user-liz@example.com.'
- The group example@googlegroups.com would be group-example@googlegroups.com. - The group example@googlegroups.com would be group-example@googlegroups.com.
- To refer to all members of the Google Apps for Business domain example.com, the - To refer to all members of the Google Apps for Business domain example.com,
entity would be domain-example.com. the entity would be domain-example.com.
required: true required: true
entity_id: entity_id:
description: description:
@ -104,12 +106,18 @@ options:
description: description:
- The team. - The team.
required: false required: false
choices: ['editors', 'owners', 'viewers'] choices:
- editors
- owners
- viewers
role: role:
description: description:
- The access permission for the entity. - The access permission for the entity.
required: false required: false
choices: ['OWNER', 'READER', 'WRITER'] choices:
- OWNER
- READER
- WRITER
cors: cors:
description: description:
- The bucket's Cross-Origin Resource Sharing (CORS) configuration. - The bucket's Cross-Origin Resource Sharing (CORS) configuration.
@ -117,13 +125,14 @@ options:
suboptions: suboptions:
max_age_seconds: max_age_seconds:
description: description:
- The value, in seconds, to return in the Access-Control-Max-Age header used in preflight - The value, in seconds, to return in the Access-Control-Max-Age header used
responses. in preflight responses.
required: false required: false
method: method:
description: description:
- 'The list of HTTP methods on which to include CORS response headers, (GET, OPTIONS, - 'The list of HTTP methods on which to include CORS response headers, (GET,
POST, etc) Note: "*" is permitted in the list of methods, and means "any method".' OPTIONS, POST, etc) Note: "*" is permitted in the list of methods, and means
"any method".'
required: false required: false
origin: origin:
description: description:
@ -132,8 +141,8 @@ options:
required: false required: false
response_header: response_header:
description: description:
- The list of HTTP headers other than the simple response headers to give permission - The list of HTTP headers other than the simple response headers to give
for the user-agent to share across domains. permission for the user-agent to share across domains.
required: false required: false
default_object_acl: default_object_acl:
description: description:
@ -144,11 +153,11 @@ options:
bucket: bucket:
description: description:
- The name of the bucket. - The name of the bucket.
- 'This field represents a link to a Bucket resource in GCP. It can be specified in - 'This field represents a link to a Bucket resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_storage_bucket task in two ways. You can add `register: name-of-resource` to a gcp_storage_bucket
and then set this bucket field to "{{ name-of-resource }}" Alternatively, you can task and then set this bucket field to "{{ name-of-resource }}" Alternatively,
set this bucket to a dictionary with the name key where the value is the name of you can set this bucket to a dictionary with the name key where the value
your Bucket.' is the name of your Bucket'
required: true required: true
domain: domain:
description: description:
@ -160,13 +169,11 @@ options:
required: false required: false
entity: entity:
description: description:
- 'The entity holding the permission, in one of the following forms: user-userId - 'The entity holding the permission, in one of the following forms: * user-{{userId}}
user-email group-groupId group-email domain-domain project-team-projectId allUsers * user-{{email}} (such as "user-liz@example.com") * group-{{groupId}} *
allAuthenticatedUsers Examples: The user liz@example.com would be group-{{email}} (such as "group-example@googlegroups.com") * domain-{{domain}}
user-liz@example.com.' (such as "domain-example.com") * project-team-{{projectId}} * allUsers *
- The group example@googlegroups.com would be group-example@googlegroups.com. allAuthenticatedUsers .'
- To refer to all members of the Google Apps for Business domain example.com, the
entity would be domain-example.com.
required: true required: true
entity_id: entity_id:
description: description:
@ -197,12 +204,17 @@ options:
description: description:
- The team. - The team.
required: false required: false
choices: ['editors', 'owners', 'viewers'] choices:
- editors
- owners
- viewers
role: role:
description: description:
- The access permission for the entity. - The access permission for the entity.
required: false required: true
choices: ['OWNER', 'READER'] choices:
- OWNER
- READER
lifecycle: lifecycle:
description: description:
- The bucket's lifecycle configuration. - The bucket's lifecycle configuration.
@ -211,8 +223,8 @@ options:
suboptions: suboptions:
rule: rule:
description: description:
- A lifecycle management rule, which is made of an action to take and the condition(s) - A lifecycle management rule, which is made of an action to take and the
under which the action will be taken. condition(s) under which the action will be taken.
required: false required: false
suboptions: suboptions:
action: action:
@ -226,9 +238,12 @@ options:
required: false required: false
type: type:
description: description:
- Type of the action. Currently, only Delete and SetStorageClass are supported. - Type of the action. Currently, only Delete and SetStorageClass are
supported.
required: false required: false
choices: ['Delete', 'SetStorageClass'] choices:
- Delete
- SetStorageClass
condition: condition:
description: description:
- The condition(s) under which the action will be taken. - The condition(s) under which the action will be taken.
@ -236,42 +251,44 @@ options:
suboptions: suboptions:
age_days: age_days:
description: description:
- Age of an object (in days). This condition is satisfied when an object reaches the - Age of an object (in days). This condition is satisfied when an
specified age. object reaches the specified age.
required: false required: false
created_before: created_before:
description: description:
- A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). - A date in RFC 3339 format with only the date part (for instance,
This condition is satisfied when an object is created before midnight of the specified "2013-01-15"). This condition is satisfied when an object is created
date in UTC. before midnight of the specified date in UTC.
required: false required: false
is_live: is_live:
description: description:
- Relevant only for versioned objects. If the value is true, this condition matches - Relevant only for versioned objects. If the value is true, this
live objects; if the value is false, it matches archived objects. condition matches live objects; if the value is false, it matches
archived objects.
required: false required: false
type: bool type: bool
matches_storage_class: matches_storage_class:
description: description:
- Objects having any of the storage classes specified by this condition will be matched. - Objects having any of the storage classes specified by this condition
Values include MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, and DURABLE_REDUCED_AVAILABILITY. will be matched. Values include MULTI_REGIONAL, REGIONAL, NEARLINE,
COLDLINE, STANDARD, and DURABLE_REDUCED_AVAILABILITY.
required: false required: false
num_newer_versions: num_newer_versions:
description: description:
- Relevant only for versioned objects. If the value is N, this condition is satisfied - Relevant only for versioned objects. If the value is N, this condition
when there are at least N versions (including the live version) newer than this is satisfied when there are at least N versions (including the live
version of the object. version) newer than this version of the object.
required: false required: false
location: location:
description: description:
- The location of the bucket. Object data for objects in the bucket resides in physical - The location of the bucket. Object data for objects in the bucket resides in
storage within this region. Defaults to US. See the developer's guide for the authoritative physical storage within this region. Defaults to US. See the developer's guide
list. for the authoritative list.
required: false required: false
logging: logging:
description: description:
- The bucket's logging configuration, which defines the destination bucket and optional - The bucket's logging configuration, which defines the destination bucket and
name prefix for the current bucket's logs. optional name prefix for the current bucket's logs.
required: false required: false
suboptions: suboptions:
log_bucket: log_bucket:
@ -305,14 +322,20 @@ options:
required: false required: false
storage_class: storage_class:
description: description:
- The bucket's default storage class, used whenever no storageClass is specified for - The bucket's default storage class, used whenever no storageClass is specified
a newly-created object. This defines how objects in the bucket are stored and determines for a newly-created object. This defines how objects in the bucket are stored
the SLA and the cost of storage. and determines the SLA and the cost of storage.
- Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY. - Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY.
If this value is not specified when the bucket is created, it will default to STANDARD. If this value is not specified when the bucket is created, it will default to
For more information, see storage classes. STANDARD. For more information, see storage classes.
required: false required: false
choices: ['MULTI_REGIONAL', 'REGIONAL', 'STANDARD', 'NEARLINE', 'COLDLINE', 'DURABLE_REDUCED_AVAILABILITY'] choices:
- MULTI_REGIONAL
- REGIONAL
- STANDARD
- NEARLINE
- COLDLINE
- DURABLE_REDUCED_AVAILABILITY
versioning: versioning:
description: description:
- The bucket's versioning configuration. - The bucket's versioning configuration.
@ -325,21 +348,23 @@ options:
type: bool type: bool
website: website:
description: description:
- The bucket's website configuration, controlling how the service behaves when accessing - The bucket's website configuration, controlling how the service behaves when
bucket contents as a web site. See the Static Website Examples for more information. accessing bucket contents as a web site. See the Static Website Examples for
more information.
required: false required: false
suboptions: suboptions:
main_page_suffix: main_page_suffix:
description: description:
- If the requested object path is missing, the service will ensure the path has a - If the requested object path is missing, the service will ensure the path
trailing '/', append this suffix, and attempt to retrieve the resulting object. has a trailing '/', append this suffix, and attempt to retrieve the resulting
This allows the creation of index.html objects to represent directory pages. object. This allows the creation of index.html objects to represent directory
pages.
required: false required: false
not_found_page: not_found_page:
description: description:
- If the requested object path is missing, and any mainPageSuffix object is missing, - If the requested object path is missing, and any mainPageSuffix object is
if applicable, the service will return the named object from this bucket as the missing, if applicable, the service will return the named object from this
content for a 404 Not Found result. bucket as the content for a 404 Not Found result.
required: false required: false
project: project:
description: description:
@ -359,7 +384,13 @@ options:
get access according to their roles.' get access according to their roles.'
- '- "publicRead": Object owner gets OWNER access, and allUsers get READER access.' - '- "publicRead": Object owner gets OWNER access, and allUsers get READER access.'
required: false required: false
choices: ['authenticatedRead', 'bucketOwnerFullControl', 'bucketOwnerRead', 'private', 'projectPrivate', 'publicRead'] choices:
- authenticatedRead
- bucketOwnerFullControl
- bucketOwnerRead
- private
- projectPrivate
- publicRead
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -398,12 +429,12 @@ RETURN = '''
entity: entity:
description: description:
- 'The entity holding the permission, in one of the following forms: user-userId - 'The entity holding the permission, in one of the following forms: user-userId
user-email group-groupId group-email domain-domain project-team-projectId allUsers user-email group-groupId group-email domain-domain project-team-projectId
allAuthenticatedUsers Examples: The user liz@example.com would be allUsers allAuthenticatedUsers Examples: The user liz@example.com would be
user-liz@example.com.' user-liz@example.com.'
- The group example@googlegroups.com would be group-example@googlegroups.com. - The group example@googlegroups.com would be group-example@googlegroups.com.
- To refer to all members of the Google Apps for Business domain example.com, the - To refer to all members of the Google Apps for Business domain example.com,
entity would be domain-example.com. the entity would be domain-example.com.
returned: success returned: success
type: str type: str
entityId: entityId:
@ -445,14 +476,15 @@ RETURN = '''
contains: contains:
maxAgeSeconds: maxAgeSeconds:
description: description:
- The value, in seconds, to return in the Access-Control-Max-Age header used in preflight - The value, in seconds, to return in the Access-Control-Max-Age header used
responses. in preflight responses.
returned: success returned: success
type: int type: int
method: method:
description: description:
- 'The list of HTTP methods on which to include CORS response headers, (GET, OPTIONS, - 'The list of HTTP methods on which to include CORS response headers, (GET,
POST, etc) Note: "*" is permitted in the list of methods, and means "any method".' OPTIONS, POST, etc) Note: "*" is permitted in the list of methods, and means
"any method".'
returned: success returned: success
type: list type: list
origin: origin:
@ -490,13 +522,10 @@ RETURN = '''
type: str type: str
entity: entity:
description: description:
- 'The entity holding the permission, in one of the following forms: user-userId - 'The entity holding the permission, in one of the following forms: * user-{{userId}}
user-email group-groupId group-email domain-domain project-team-projectId allUsers * user-{{email}} (such as "user-liz@example.com") * group-{{groupId}} * group-{{email}}
allAuthenticatedUsers Examples: The user liz@example.com would be (such as "group-example@googlegroups.com") * domain-{{domain}} (such as "domain-example.com")
user-liz@example.com.' * project-team-{{projectId}} * allUsers * allAuthenticatedUsers .'
- The group example@googlegroups.com would be group-example@googlegroups.com.
- To refer to all members of the Google Apps for Business domain example.com, the
entity would be domain-example.com.
returned: success returned: success
type: str type: str
entityId: entityId:
@ -572,7 +601,8 @@ RETURN = '''
type: str type: str
type: type:
description: description:
- Type of the action. Currently, only Delete and SetStorageClass are supported. - Type of the action. Currently, only Delete and SetStorageClass are
supported.
returned: success returned: success
type: str type: str
condition: condition:
@ -583,41 +613,42 @@ RETURN = '''
contains: contains:
ageDays: ageDays:
description: description:
- Age of an object (in days). This condition is satisfied when an object reaches the - Age of an object (in days). This condition is satisfied when an object
specified age. reaches the specified age.
returned: success returned: success
type: int type: int
createdBefore: createdBefore:
description: description:
- A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). - A date in RFC 3339 format with only the date part (for instance, "2013-01-15").
This condition is satisfied when an object is created before midnight of the specified This condition is satisfied when an object is created before midnight
date in UTC. of the specified date in UTC.
returned: success returned: success
type: str type: str
isLive: isLive:
description: description:
- Relevant only for versioned objects. If the value is true, this condition matches - Relevant only for versioned objects. If the value is true, this condition
live objects; if the value is false, it matches archived objects. matches live objects; if the value is false, it matches archived objects.
returned: success returned: success
type: bool type: bool
matchesStorageClass: matchesStorageClass:
description: description:
- Objects having any of the storage classes specified by this condition will be matched. - Objects having any of the storage classes specified by this condition
Values include MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, and DURABLE_REDUCED_AVAILABILITY. will be matched. Values include MULTI_REGIONAL, REGIONAL, NEARLINE,
COLDLINE, STANDARD, and DURABLE_REDUCED_AVAILABILITY.
returned: success returned: success
type: list type: list
numNewerVersions: numNewerVersions:
description: description:
- Relevant only for versioned objects. If the value is N, this condition is satisfied - Relevant only for versioned objects. If the value is N, this condition
when there are at least N versions (including the live version) newer than this is satisfied when there are at least N versions (including the live
version of the object. version) newer than this version of the object.
returned: success returned: success
type: int type: int
location: location:
description: description:
- The location of the bucket. Object data for objects in the bucket resides in physical - The location of the bucket. Object data for objects in the bucket resides in physical
storage within this region. Defaults to US. See the developer's guide for the authoritative storage within this region. Defaults to US. See the developer's guide for the
list. authoritative list.
returned: success returned: success
type: str type: str
logging: logging:
@ -670,12 +701,12 @@ RETURN = '''
type: int type: int
storageClass: storageClass:
description: description:
- The bucket's default storage class, used whenever no storageClass is specified for - The bucket's default storage class, used whenever no storageClass is specified
a newly-created object. This defines how objects in the bucket are stored and determines for a newly-created object. This defines how objects in the bucket are stored
the SLA and the cost of storage. and determines the SLA and the cost of storage.
- Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY. - Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY.
If this value is not specified when the bucket is created, it will default to STANDARD. If this value is not specified when the bucket is created, it will default to
For more information, see storage classes. STANDARD. For more information, see storage classes.
returned: success returned: success
type: str type: str
timeCreated: timeCreated:
@ -708,16 +739,17 @@ RETURN = '''
contains: contains:
mainPageSuffix: mainPageSuffix:
description: description:
- If the requested object path is missing, the service will ensure the path has a - If the requested object path is missing, the service will ensure the path
trailing '/', append this suffix, and attempt to retrieve the resulting object. has a trailing '/', append this suffix, and attempt to retrieve the resulting
This allows the creation of index.html objects to represent directory pages. object. This allows the creation of index.html objects to represent directory
pages.
returned: success returned: success
type: str type: str
notFoundPage: notFoundPage:
description: description:
- If the requested object path is missing, and any mainPageSuffix object is missing, - If the requested object path is missing, and any mainPageSuffix object is
if applicable, the service will return the named object from this bucket as the missing, if applicable, the service will return the named object from this
content for a 404 Not Found result. bucket as the content for a 404 Not Found result.
returned: success returned: success
type: str type: str
project: project:
@ -792,7 +824,7 @@ def main():
project_number=dict(type='str'), project_number=dict(type='str'),
team=dict(type='str', choices=['editors', 'owners', 'viewers']) team=dict(type='str', choices=['editors', 'owners', 'viewers'])
)), )),
role=dict(type='str', choices=['OWNER', 'READER']) role=dict(required=True, type='str', choices=['OWNER', 'READER'])
)), )),
lifecycle=dict(type='dict', options=dict( lifecycle=dict(type='dict', options=dict(
rule=dict(type='list', elements='dict', options=dict( rule=dict(type='list', elements='dict', options=dict(
@ -891,7 +923,7 @@ def resource_to_request(module):
u'predefinedDefaultObjectAcl': module.params.get('predefined_default_object_acl'), u'predefinedDefaultObjectAcl': module.params.get('predefined_default_object_acl'),
u'acl': BucketAclArray(module.params.get('acl', []), module).to_request(), u'acl': BucketAclArray(module.params.get('acl', []), module).to_request(),
u'cors': BucketCorsArray(module.params.get('cors', []), module).to_request(), u'cors': BucketCorsArray(module.params.get('cors', []), module).to_request(),
u'defaultObjectAcl': BucketDefaultObjectAclArray(module.params.get('default_object_acl', []), module).to_request(), u'defaultObjectAcl': BucketDefaultobjectaclArray(module.params.get('default_object_acl', []), module).to_request(),
u'lifecycle': BucketLifecycle(module.params.get('lifecycle', {}), module).to_request(), u'lifecycle': BucketLifecycle(module.params.get('lifecycle', {}), module).to_request(),
u'location': module.params.get('location'), u'location': module.params.get('location'),
u'logging': BucketLogging(module.params.get('logging', {}), module).to_request(), u'logging': BucketLogging(module.params.get('logging', {}), module).to_request(),
@ -968,7 +1000,7 @@ def response_to_hash(module, response):
return { return {
u'acl': BucketAclArray(response.get(u'acl', []), module).from_response(), u'acl': BucketAclArray(response.get(u'acl', []), module).from_response(),
u'cors': BucketCorsArray(response.get(u'cors', []), module).from_response(), u'cors': BucketCorsArray(response.get(u'cors', []), module).from_response(),
u'defaultObjectAcl': BucketDefaultObjectAclArray(module.params.get('default_object_acl', []), module).to_request(), u'defaultObjectAcl': BucketDefaultobjectaclArray(module.params.get('default_object_acl', []), module).to_request(),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'lifecycle': BucketLifecycle(response.get(u'lifecycle', {}), module).from_response(), u'lifecycle': BucketLifecycle(response.get(u'lifecycle', {}), module).from_response(),
u'location': response.get(u'location'), u'location': response.get(u'location'),
@ -1013,7 +1045,7 @@ class BucketAclArray(object):
u'entity': item.get('entity'), u'entity': item.get('entity'),
u'entityId': item.get('entity_id'), u'entityId': item.get('entity_id'),
u'id': item.get('id'), u'id': item.get('id'),
u'projectTeam': BucketProjectTeam(item.get('project_team', {}), self.module).to_request(), u'projectTeam': BucketProjectteam(item.get('project_team', {}), self.module).to_request(),
u'role': item.get('role') u'role': item.get('role')
}) })
@ -1025,12 +1057,12 @@ class BucketAclArray(object):
u'entity': item.get(u'entity'), u'entity': item.get(u'entity'),
u'entityId': item.get(u'entityId'), u'entityId': item.get(u'entityId'),
u'id': item.get(u'id'), u'id': item.get(u'id'),
u'projectTeam': BucketProjectTeam(item.get(u'projectTeam', {}), self.module).from_response(), u'projectTeam': BucketProjectteam(item.get(u'projectTeam', {}), self.module).from_response(),
u'role': item.get(u'role') u'role': item.get(u'role')
}) })
class BucketProjectTeam(object): class BucketProjectteam(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1088,7 +1120,7 @@ class BucketCorsArray(object):
}) })
class BucketDefaultObjectAclArray(object): class BucketDefaultobjectaclArray(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:
@ -1118,7 +1150,7 @@ class BucketDefaultObjectAclArray(object):
u'generation': item.get('generation'), u'generation': item.get('generation'),
u'id': item.get('id'), u'id': item.get('id'),
u'object': item.get('object'), u'object': item.get('object'),
u'projectTeam': BucketProjectTeam(item.get('project_team', {}), self.module).to_request(), u'projectTeam': BucketProjectteam(item.get('project_team', {}), self.module).to_request(),
u'role': item.get('role') u'role': item.get('role')
}) })
@ -1132,12 +1164,12 @@ class BucketDefaultObjectAclArray(object):
u'generation': item.get(u'generation'), u'generation': item.get(u'generation'),
u'id': item.get(u'id'), u'id': item.get(u'id'),
u'object': item.get(u'object'), u'object': item.get(u'object'),
u'projectTeam': BucketProjectTeam(item.get(u'projectTeam', {}), self.module).from_response(), u'projectTeam': BucketProjectteam(item.get(u'projectTeam', {}), self.module).from_response(),
u'role': item.get(u'role') u'role': item.get(u'role')
}) })
class BucketProjectTeam(object): class BucketProjectteam(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request:

42
plugins/modules/gcp_storage_bucket_access_control.py
View file

@ -53,26 +53,27 @@ options:
state: state:
description: description:
- Whether the given object should exist in GCP - Whether the given object should exist in GCP
choices: ['present', 'absent'] choices:
default: 'present' - present
- absent
default: present
bucket: bucket:
description: description:
- The name of the bucket. - The name of the bucket.
- 'This field represents a link to a Bucket resource in GCP. It can be specified in - 'This field represents a link to a Bucket resource in GCP. It can be specified
two ways. You can add `register: name-of-resource` to a gcp_storage_bucket task in two ways. You can add `register: name-of-resource` to a gcp_storage_bucket
and then set this bucket field to "{{ name-of-resource }}" Alternatively, you can task and then set this bucket field to "{{ name-of-resource }}" Alternatively,
set this bucket to a dictionary with the name key where the value is the name of you can set this bucket to a dictionary with the name key where the value is
your Bucket.' the name of your Bucket'
required: true required: true
entity: entity:
description: description:
- 'The entity holding the permission, in one of the following forms: user-userId - 'The entity holding the permission, in one of the following forms: user-userId
user-email group-groupId group-email domain-domain project-team-projectId allUsers user-email group-groupId group-email domain-domain project-team-projectId allUsers
allAuthenticatedUsers Examples: The user liz@example.com would be allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com.'
user-liz@example.com.'
- The group example@googlegroups.com would be group-example@googlegroups.com. - The group example@googlegroups.com would be group-example@googlegroups.com.
- To refer to all members of the Google Apps for Business domain example.com, the - To refer to all members of the Google Apps for Business domain example.com,
entity would be domain-example.com. the entity would be domain-example.com.
required: true required: true
entity_id: entity_id:
description: description:
@ -91,12 +92,18 @@ options:
description: description:
- The team. - The team.
required: false required: false
choices: ['editors', 'owners', 'viewers'] choices:
- editors
- owners
- viewers
role: role:
description: description:
- The access permission for the entity. - The access permission for the entity.
required: false required: false
choices: ['OWNER', 'READER', 'WRITER'] choices:
- OWNER
- READER
- WRITER
extends_documentation_fragment: gcp extends_documentation_fragment: gcp
''' '''
@ -141,8 +148,7 @@ RETURN = '''
description: description:
- 'The entity holding the permission, in one of the following forms: user-userId - 'The entity holding the permission, in one of the following forms: user-userId
user-email group-groupId group-email domain-domain project-team-projectId allUsers user-email group-groupId group-email domain-domain project-team-projectId allUsers
allAuthenticatedUsers Examples: The user liz@example.com would be allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com.'
user-liz@example.com.'
- The group example@googlegroups.com would be group-example@googlegroups.com. - The group example@googlegroups.com would be group-example@googlegroups.com.
- To refer to all members of the Google Apps for Business domain example.com, the - To refer to all members of the Google Apps for Business domain example.com, the
entity would be domain-example.com. entity would be domain-example.com.
@ -262,7 +268,7 @@ def resource_to_request(module):
u'bucket': replace_resource_dict(module.params.get(u'bucket', {}), 'name'), u'bucket': replace_resource_dict(module.params.get(u'bucket', {}), 'name'),
u'entity': module.params.get('entity'), u'entity': module.params.get('entity'),
u'entityId': module.params.get('entity_id'), u'entityId': module.params.get('entity_id'),
u'projectTeam': BucketAccessControlProjectTeam(module.params.get('project_team', {}), module).to_request(), u'projectTeam': BucketAccessControlProjectteam(module.params.get('project_team', {}), module).to_request(),
u'role': module.params.get('role') u'role': module.params.get('role')
} }
return_vals = {} return_vals = {}
@ -335,12 +341,12 @@ def response_to_hash(module, response):
u'entity': response.get(u'entity'), u'entity': response.get(u'entity'),
u'entityId': response.get(u'entityId'), u'entityId': response.get(u'entityId'),
u'id': response.get(u'id'), u'id': response.get(u'id'),
u'projectTeam': BucketAccessControlProjectTeam(response.get(u'projectTeam', {}), module).from_response(), u'projectTeam': BucketAccessControlProjectteam(response.get(u'projectTeam', {}), module).from_response(),
u'role': response.get(u'role') u'role': response.get(u'role')
} }
class BucketAccessControlProjectTeam(object): class BucketAccessControlProjectteam(object):
def __init__(self, request, module): def __init__(self, request, module):
self.module = module self.module = module
if request: if request: