Try SpotterManage Azure network interfaces.
| "added in version" 2.1 of ansible.builtin"
Authors: Chris Houseknecht (@chouseknecht), Matt Davis (@nitzmahone)
preview | supported by certified
pipInstall with pip install ansible==2.4.4.0.post1
Create, update or delete a network interface. When creating a network interface you must provide the name of an existing virtual network, the name of an existing subnet within the virtual network. A default security group and public IP address will be created automatically, or you can provide the name of an existing security group and public IP address. See the examples below for more details.
- name: Create a network interface with minimal parameters
azure_rm_networkinterface:
name: nic001
resource_group: Testing
virtual_network_name: vnet001
subnet_name: subnet001
- name: Create a network interface with private IP address only (no Public IP)
azure_rm_networkinterface:
name: nic001
resource_group: Testing
virtual_network_name: vnet001
subnet_name: subnet001
public_ip: no
- name: Create a network interface for use in a Windows host (opens RDP port) with custom RDP port
azure_rm_networkinterface:
name: nic002
resource_group: Testing
virtual_network_name: vnet001
subnet_name: subnet001
os_type: Windows
rdp_port: 3399
- name: Create a network interface using existing security group and public IP
azure_rm_networkinterface:
name: nic003
resource_group: Testing
virtual_network_name: vnet001
subnet_name: subnet001
security_group_name: secgroup001
public_ip_address_name: publicip001
- name: Delete network interface
azure_rm_networkinterface:
resource_group: Testing
name: nic003
state: absent
name:
description:
- Name of the network interface.
required: true
tags:
description:
- Dictionary of string:string pairs to assign as metadata to the object.
- Metadata tags on the object will be updated with any provided values.
- To remove tags set append_tags option to false.
- Currently, Azure DNS zones and Traffic Manager services also don't allow the use
of spaces in the tag.
- Azure Front Door doesn't support the use of
- Azure Automation and Azure CDN only support 15 tags on resources.
type: dict
state:
choices:
- absent
- present
default: present
description:
- Assert the state of the network interface. Use 'present' to create or update an
interface and 'absent' to delete an interface.
required: false
secret:
description:
- Azure client secret. Use when authenticating with a Service Principal.
type: str
tenant:
description:
- Azure tenant ID. Use when authenticating with a Service Principal.
type: str
ad_user:
description:
- Active Directory username. Use when authenticating with an Active Directory user
rather than service principal.
type: str
os_type:
choices:
- Windows
- Linux
default: Linux
description:
- Determines any rules to be added to a default security group. When creating a network
interface, if no security group name is provided, a default security group will
be created. If the os_type is 'Windows', a rule will be added allowing RDP access.
If the os_type is 'Linux', a rule allowing SSH access will be added.
required: false
profile:
description:
- Security profile found in ~/.azure/credentials file.
type: str
location:
default: resource_group location
description:
- Valid azure location. Defaults to location of the resource group.
required: false
log_mode:
description:
- Parent argument.
type: str
log_path:
description:
- Parent argument.
type: str
password:
description:
- Active Directory user password. Use when authenticating with an Active Directory
user rather than service principal.
type: str
client_id:
description:
- Azure client ID. Use when authenticating with a Service Principal.
type: str
public_ip:
default: true
description:
- When creating a network interface, if no public IP address name is provided a default
public IP address will be created. Set to false, if you do not want a public IP
address automatically created.
required: false
open_ports:
default: null
description:
- When a default security group is created for a Linux host a rule will be added allowing
inbound TCP connections to the default SSH port 22, and for a Windows host rules
will be added allowing inbound access to RDP ports 3389 and 5986. Override the default
ports by providing a list of open ports.
required: false
api_profile:
default: latest
description:
- Selects an API profile to use when communicating with Azure services. Default value
of C(latest) is appropriate for public clouds; future values will allow use with
Azure Stack.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
append_tags:
default: true
description:
- Use to control if tags field is canonical or just appends to existing tags.
- When canonical, any tags not found in the tags parameter will be removed from the
object's metadata.
type: bool
auth_source:
choices:
- auto
- cli
- credential_file
- env
- msi
default: auto
description:
- Controls the source of the credentials to use for authentication.
- Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
- When set to C(auto) (the default) the precedence is module parameters -> C(env)
-> C(credential_file) -> C(cli).
- When set to C(env), the credentials will be read from the environment variables
- When set to C(credential_file), it will read the profile from C(~/.azure/credentials).
- When set to C(cli), the credentials will be sources from the Azure CLI profile.
C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used
to identify the subscription ID if more than one is present otherwise the default
az cli subscription is used.
- When set to C(msi), the host machine must be an azure resource with an enabled MSI
extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID)
can be used to identify the subscription ID if the resource is granted access to
more than one subscription, otherwise the first subscription is chosen.
- The C(msi) was added in Ansible 2.6.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
subnet_name:
aliases:
- subnet
default: null
description:
- Name of an existing subnet within the specified virtual network. Required when creating
a network interface
required: true
resource_group:
description:
- Name of a resource group where the network interface exists or will be created.
required: true
subscription_id:
description:
- Your Azure subscription Id.
type: str
cloud_environment:
default: AzureCloud
description:
- For cloud environments other than the US public cloud, the environment name (as
defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a
metadata discovery endpoint URL (required for Azure Stack). Can also be set via
credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
adfs_authority_url:
description:
- Azure AD authority url. Use when authenticating with Username/password, and has
your own ADFS authority.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
private_ip_address:
description:
- Valid IPv4 address that falls within the specified subnet.
required: false
security_group_name:
aliases:
- security_group
default: null
description:
- Name of an existing security group with which to associate the network interface.
If not provided, a default security group will be created.
required: false
cert_validation_mode:
choices:
- ignore
- validate
description:
- Controls the certificate validation behavior for Azure endpoints. By default, all
modules will validate the server certificate, but when an HTTPS proxy is in use,
or against Azure Stack, it may be necessary to disable this behavior by passing
C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION)
environment variable.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
virtual_network_name:
aliases:
- virtual_network
default: null
description:
- Name of an existing virtual network with which the network interface will be associated.
Required when creating a network interface.
required: true
public_ip_address_name:
aliases:
- public_ip_address
- public_ip_name
default: null
description:
- Name of an existing public IP address object to associate with the security group.
required: false
public_ip_allocation_method:
choices:
- Dynamic
- Static
default: Dynamic
description:
- If a public_ip_address_name is not provided, a default public IP address will be
created. The allocation method determines whether or not the public IP address assigned
to the network interface is permanent.
required: false
private_ip_allocation_method:
choices:
- Dynamic
- Static
default: Dynamic
description:
- 'Specify whether or not the assigned IP address is permanent. NOTE: when creating
a network interface specifying a value of ''Static'' requires that a private_ip_address
value be provided. You can update the allocation method to ''Static'' after a dynamic
private ip address has been assigned.'
required: false
state:
description: The current state of the network interface.
returned: always
sample:
dns_settings:
applied_dns_servers: []
dns_servers: []
internal_dns_name_label: null
internal_fqdn: null
enable_ip_forwarding: false
etag: W/"be115a43-2148-4545-a324-f33ad444c926"
id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkInterfaces/nic003
ip_configuration:
name: default
private_ip_address: 10.1.0.10
private_ip_allocation_method: Static
public_ip_address:
id: /subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/publicIPAddresses/publicip001
name: publicip001
subnet: {}
location: eastus2
mac_address: null
name: nic003
network_security_group: {}
primary: null
provisioning_state: Succeeded
tags: null
type: Microsoft.Network/networkInterfaces
type: dict