ansible / ansible.builtin / v2.5.11 / module / cs_vpn_customer_gateway Manages site-to-site VPN customer gateway configurations on Apache CloudStack based clouds. | "added in version" 2.5 of ansible.builtin" Authors: René Moser (@resmo) preview | supported by communityansible.builtin.cs_vpn_customer_gateway (v2.5.11) — module
pip
Install with pip install ansible==2.5.11
Create, update and remove VPN customer gateways.
- name: Create a vpn customer gateway local_action: module: cs_vpn_customer_gateway name: my vpn customer gateway cidrs: - 192.168.123.0/24 - 192.168.124.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.1.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: "S3cr3Tk3Y"
- name: Remove a vpn customer gateway local_action: module: cs_vpn_customer_gateway name: my vpn customer gateway state: absent
dpd: choices: - true - false description: - Enable Dead Peer Detection. - Disabled per default by the API on creation if not set. name: description: - Name of the gateway. required: true cidrs: aliases: - cidr description: - List of guest CIDRs behind the gateway. - Required if C(state=present). state: choices: - present - absent default: present description: - State of the VPN customer gateway. domain: description: - Domain the VPN customer gateway is related to. account: description: - Account the VPN customer gateway is related to. api_key: description: - API key of the CloudStack API. - If not given, the C(CLOUDSTACK_KEY) env variable is considered. required: true type: str api_url: description: - URL of the CloudStack API e.g. https://cloud.example.com/client/api. - If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered. required: true type: str gateway: description: - Public IP address of the gateway. - Required if C(state=present). project: description: - Name of the project the VPN gateway is related to. ipsec_psk: description: - IPsec Preshared-Key. - Cannot contain newline or double quotes. - Required if C(state=present). api_secret: description: - Secret key of the CloudStack API. - If not set, the C(CLOUDSTACK_SECRET) env variable is considered. required: true type: str esp_policy: description: - ESP policy in the format e.g. C(aes256-sha1;modp1536). - Required if C(state=present). ike_policy: description: - IKE policy in the format e.g. C(aes256-sha1;modp1536). - Required if C(state=present). poll_async: default: true description: - Poll async jobs until job has finished. api_timeout: default: 10 description: - HTTP timeout in seconds. - If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered. type: int force_encap: choices: - true - false description: - Force encapsulation for NAT traversal. - Disabled per default by the API on creation if not set. esp_lifetime: description: - Lifetime in seconds of phase 2 VPN connection. - Defaulted to 3600 by the API on creation if not set. ike_lifetime: description: - Lifetime in seconds of phase 1 VPN connection. - Defaulted to 86400 by the API on creation if not set. api_http_method: choices: - get - post default: get description: - HTTP method used to query the API endpoint. - If not given, the C(CLOUDSTACK_METHOD) env variable is considered. type: str api_verify_ssl_cert: description: - Verify CA authority cert file. - If not given, the C(CLOUDSTACK_VERIFY) env variable is considered. type: str
account: description: Account the VPN customer gateway is related to. returned: success sample: example account type: string cidrs: description: List of CIDRs of this customer gateway. returned: success sample: - 10.10.10.0/24 type: list domain: description: Domain the VPN customer gateway is related to. returned: success sample: example domain type: string dpd: description: Whether dead pear detection is enabled or not. returned: success sample: true type: bool esp_lifetime: description: Lifetime in seconds of phase 2 VPN connection. returned: success sample: 86400 type: int esp_policy: description: IKE policy of the VPN customer gateway. returned: success sample: aes256-sha1;modp1536 type: string force_encap: description: Whether encapsulation for NAT traversal is enforced or not. returned: success sample: true type: bool gateway: description: IP address of the VPN customer gateway. returned: success sample: 10.100.212.10 type: string id: description: UUID of the VPN customer gateway. returned: success sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 type: string ike_lifetime: description: Lifetime in seconds of phase 1 VPN connection. returned: success sample: 86400 type: int ike_policy: description: ESP policy of the VPN customer gateway. returned: success sample: aes256-sha1;modp1536 type: string name: description: Name of this customer gateway. returned: success sample: my vpn customer gateway type: string project: description: Name of project the VPN customer gateway is related to. returned: success sample: Production type: string