/ home / ansible / ansible.builtin / v2.5.11 / module / cs_vpn_customer_gateway

ansible.builtin.cs_vpn_customer_gateway (v2.5.11) — module

Manages site-to-site VPN customer gateway configurations on Apache CloudStack based clouds.

| "added in version" 2.5 of ansible.builtin"

Authors: René Moser (@resmo)

preview | supported by community

Install Ansible via `pip`

Install with pip install ansible==2.5.11

Description

Create, update and remove VPN customer gateways.

Requirements

python >= 2.6
cs >= 0.9.0

Usage examples

Scanned by Steampunk Spotter

- name: Create a vpn customer gateway
  local_action:
    module: cs_vpn_customer_gateway
    name: my vpn customer gateway
    cidrs:
    - 192.168.123.0/24
    - 192.168.124.0/24
    esp_policy: aes256-sha1;modp1536
    gateway: 10.10.1.1
    ike_policy: aes256-sha1;modp1536
    ipsec_psk: "S3cr3Tk3Y"

Scanned by Steampunk Spotter

- name: Remove a vpn customer gateway
  local_action:
    module: cs_vpn_customer_gateway
    name: my vpn customer gateway
    state: absent

Inputs

    
dpd:
    choices:
    - true
    - false
    description:
    - Enable Dead Peer Detection.
    - Disabled per default by the API on creation if not set.

name:
    description:
    - Name of the gateway.
    required: true

cidrs:
    aliases:
    - cidr
    description:
    - List of guest CIDRs behind the gateway.
    - Required if C(state=present).

state:
    choices:
    - present
    - absent
    default: present
    description:
    - State of the VPN customer gateway.

domain:
    description:
    - Domain the VPN customer gateway is related to.

account:
    description:
    - Account the VPN customer gateway is related to.

api_key:
    description:
    - API key of the CloudStack API.
    - If not given, the C(CLOUDSTACK_KEY) env variable is considered.
    required: true
    type: str

api_url:
    description:
    - URL of the CloudStack API e.g. https://cloud.example.com/client/api.
    - If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.
    required: true
    type: str

gateway:
    description:
    - Public IP address of the gateway.
    - Required if C(state=present).

project:
    description:
    - Name of the project the VPN gateway is related to.

ipsec_psk:
    description:
    - IPsec Preshared-Key.
    - Cannot contain newline or double quotes.
    - Required if C(state=present).

api_secret:
    description:
    - Secret key of the CloudStack API.
    - If not set, the C(CLOUDSTACK_SECRET) env variable is considered.
    required: true
    type: str

esp_policy:
    description:
    - ESP policy in the format e.g. C(aes256-sha1;modp1536).
    - Required if C(state=present).

ike_policy:
    description:
    - IKE policy in the format e.g. C(aes256-sha1;modp1536).
    - Required if C(state=present).

poll_async:
    default: true
    description:
    - Poll async jobs until job has finished.

api_timeout:
    default: 10
    description:
    - HTTP timeout in seconds.
    - If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.
    type: int

force_encap:
    choices:
    - true
    - false
    description:
    - Force encapsulation for NAT traversal.
    - Disabled per default by the API on creation if not set.

esp_lifetime:
    description:
    - Lifetime in seconds of phase 2 VPN connection.
    - Defaulted to 3600 by the API on creation if not set.

ike_lifetime:
    description:
    - Lifetime in seconds of phase 1 VPN connection.
    - Defaulted to 86400 by the API on creation if not set.

api_http_method:
    choices:
    - get
    - post
    default: get
    description:
    - HTTP method used to query the API endpoint.
    - If not given, the C(CLOUDSTACK_METHOD) env variable is considered.
    type: str

api_verify_ssl_cert:
    description:
    - Verify CA authority cert file.
    - If not given, the C(CLOUDSTACK_VERIFY) env variable is considered.
    type: str

Outputs

account:
  description: Account the VPN customer gateway is related to.
  returned: success
  sample: example account
  type: string
cidrs:
  description: List of CIDRs of this customer gateway.
  returned: success
  sample:
  - 10.10.10.0/24
  type: list
domain:
  description: Domain the VPN customer gateway is related to.
  returned: success
  sample: example domain
  type: string
dpd:
  description: Whether dead pear detection is enabled or not.
  returned: success
  sample: true
  type: bool
esp_lifetime:
  description: Lifetime in seconds of phase 2 VPN connection.
  returned: success
  sample: 86400
  type: int
esp_policy:
  description: IKE policy of the VPN customer gateway.
  returned: success
  sample: aes256-sha1;modp1536
  type: string
force_encap:
  description: Whether encapsulation for NAT traversal is enforced or not.
  returned: success
  sample: true
  type: bool
gateway:
  description: IP address of the VPN customer gateway.
  returned: success
  sample: 10.100.212.10
  type: string
id:
  description: UUID of the VPN customer gateway.
  returned: success
  sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6
  type: string
ike_lifetime:
  description: Lifetime in seconds of phase 1 VPN connection.
  returned: success
  sample: 86400
  type: int
ike_policy:
  description: ESP policy of the VPN customer gateway.
  returned: success
  sample: aes256-sha1;modp1536
  type: string
name:
  description: Name of this customer gateway.
  returned: success
  sample: my vpn customer gateway
  type: string
project:
  description: Name of project the VPN customer gateway is related to.
  returned: success
  sample: Production
  type: string