gcp_compute_vpn_tunnel – Creates a GCP VpnTunnel

New in version 2.7.


Synopsis

  • VPN tunnel resource.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6
  • requests >= 2.18.4
  • google-auth >= 1.3.0

Parameters

Parameter Choices/Defaults Comments

auth_kind

- / required

  • machineaccount
  • serviceaccount
  • application

The type of credential used.

description

-

An optional description of this resource.

ike_version

-

Default: 2

IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway.

Acceptable IKE versions are 1 or 2. Default version is 2.

labels

-

Labels to apply to this VpnTunnel.

local_traffic_selector

-

Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges should be disjoint.

Only IPv4 is supported.

name

- / required

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

peer_ip

- / required

IP address of the peer VPN gateway. Only IPv4 is supported.

project

-

Default: null

The Google Cloud Platform project to use.

region

- / required

The region where the tunnel is located.

remote_traffic_selector

-

Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges should be disjoint.

Only IPv4 is supported.

router

-

URL of router resource to be used for dynamic routing.

scopes

-

Array of scopes to be used.

service_account_email

-

An optional service account email address if machineaccount is selected and the user does not wish to use the default email.

service_account_file

-

The path of a Service Account JSON file if serviceaccount is selected as type.

shared_secret

- / required

Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.

state

-

  • present

  • absent

Whether the given object should exist in GCP.

target_vpn_gateway

- / required

URL of the Target VPN gateway with which this VPN tunnel is associated.



Examples

- name: create a network
  gcp_compute_network:
      name: "network-vpn-tunnel"
      project: "{{ gcp_project }}"
      auth_kind: "{{ gcp_cred_kind }}"
      service_account_file: "{{ gcp_cred_file }}"
      state: present
  register: network

- name: create a router
  gcp_compute_router:
      name: "router-vpn-tunnel"
      network: "{{ network }}"
      bgp:
        asn: 64514
        advertise_mode: CUSTOM
        advertised_groups:
        - ALL_SUBNETS
        advertised_ip_ranges:
        - range: 1.2.3.4
        - range: 6.7.0.0/16
      region: us-central1
      project: "{{ gcp_project }}"
      auth_kind: "{{ gcp_cred_kind }}"
      service_account_file: "{{ gcp_cred_file }}"
      state: present
  register: router

- name: create a target vpn gateway
  gcp_compute_target_vpn_gateway:
      name: "gateway-vpn-tunnel"
      region: us-west1
      network: "{{ network }}"
      project: "{{ gcp_project }}"
      auth_kind: "{{ gcp_cred_kind }}"
      service_account_file: "{{ gcp_cred_file }}"
      state: present
  register: gateway

- name: create a vpn tunnel
  gcp_compute_vpn_tunnel:
      # name must match [a-z]([-a-z0-9]*[a-z0-9])?, so no underscores
      name: "test-object"
      region: us-west1
      target_vpn_gateway: "{{ gateway }}"
      router: "{{ router }}"
      shared_secret: super secret
      project: "test_project"
      # auth_kind accepts machineaccount, serviceaccount or application
      auth_kind: "serviceaccount"
      service_account_file: "/tmp/auth.pem"
      state: present
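
A pre-flight check for the constraints the parameter descriptions state (name pattern, IPv4-only peer address and traffic selectors, disjoint ranges, IKE version), plus a check that `shared_secret` is a variable reference rather than a literal. This is an added example, not part of the Ansible module or its documentation; `check_vpn_tunnel_args`, the sample dictionaries and the `vault_vpn_shared_secret` variable name are hypothetical.

```python
import ipaddress
import re

# Name rule exactly as quoted in the `name` parameter description above.
NAME_RE = re.compile(r"[a-z]([-a-z0-9]*[a-z0-9])?")

def _check_selectors(values, field, findings):
    """Each entry must be an IPv4 CIDR, and the entries must be disjoint."""
    nets = []
    for value in values or []:
        try:
            nets.append(ipaddress.IPv4Network(value, strict=True))
        except ValueError as exc:  # covers IPv6 input, bad masks, host bits set
            findings.append(f"{field}: {value!r} is not a valid IPv4 CIDR ({exc})")
    for i, first in enumerate(nets):
        for second in nets[i + 1:]:
            if first.overlaps(second):
                findings.append(f"{field}: {first} overlaps {second}")

def check_vpn_tunnel_args(args):
    """Return findings for one untemplated gcp_compute_vpn_tunnel argument dict."""
    findings = []
    name = str(args.get("name", ""))
    if not (1 <= len(name) <= 63 and NAME_RE.fullmatch(name)):
        findings.append(f"name: {name!r} does not satisfy the RFC1035 name rule")
    try:
        ipaddress.IPv4Address(str(args.get("peer_ip", "")))
    except ValueError:
        findings.append(f"peer_ip: {args.get('peer_ip')!r} is not an IPv4 address")
    if args.get("ike_version", 2) not in (1, 2):
        findings.append(f"ike_version: {args['ike_version']!r} is not 1 or 2")
    for field in ("local_traffic_selector", "remote_traffic_selector"):
        _check_selectors(args.get(field), field, findings)
    # A literal secret lives in the playbook and in version control; a Jinja2
    # reference (for example to an Ansible Vault variable) does not.
    if "{{" not in str(args.get("shared_secret", "")):
        findings.append("shared_secret: literal value, expected a variable reference")
    return findings

# Constructed sample inputs (not taken from a real deployment).
BAD = {"name": "test_object", "peer_ip": "2001:db8::1", "ike_version": 3,
       "local_traffic_selector": ["192.168.0.0/16", "192.168.1.0/24"],
       "shared_secret": "super secret"}
GOOD = {"name": "tunnel-1", "peer_ip": "203.0.113.10",
        "local_traffic_selector": ["192.168.0.0/16"],
        "remote_traffic_selector": ["10.0.0.0/8", "172.16.0.0/12"],
        "shared_secret": "{{ vault_vpn_shared_secret }}"}

if __name__ == "__main__":
    for finding in check_vpn_tunnel_args(BAD):
        print(finding)
```

The function expects the task arguments as written in the playbook, before templating, so that a variable reference is still visible as `{{ ... }}`.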

Return Values

Common return values are documented here; the following are the fields unique to this module:

Key Returned Description

creation_timestamp

string

success

Creation timestamp in RFC3339 text format.


description

string

success

An optional description of this resource.


ike_version

integer

success

IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway.

Acceptable IKE versions are 1 or 2. Default version is 2.


labels

dictionary

success

Labels to apply to this VpnTunnel.


local_traffic_selector

list

success

Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges should be disjoint.

Only IPv4 is supported.


name

string

success

Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.


peer_ip

string

success

IP address of the peer VPN gateway. Only IPv4 is supported.


region

string

success

The region where the tunnel is located.


remote_traffic_selector

list

success

Remote traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example `192.168.0.0/16`. The ranges should be disjoint.

Only IPv4 is supported.


router

string

success

URL of router resource to be used for dynamic routing.


shared_secret

string

success

Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.


shared_secret_hash

string

success

Hash of the shared secret.


target_vpn_gateway

dictionary

success

URL of the Target VPN gateway with which this VPN tunnel is associated.





Authors

  • Google Inc. (@googlecloudplatform)


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/gcp_compute_vpn_tunnel_module.html