Try SpotterManages site-to-site VPN connections on Apache CloudStack based clouds.
Authors: René Moser (@resmo)
preview | supported by community
Install with ansible-galaxy collection install community.general:==0.1.1
collections:
- name: community.general
version: 0.1.1Create and remove VPN connections.
- name: Create a VPN connection with activated VPN gateway
cs_vpn_connection:
vpn_customer_gateway: my vpn connection
vpc: my vpc
delegate_to: localhost
- name: Create a VPN connection and force VPN gateway activation
cs_vpn_connection:
vpn_customer_gateway: my vpn connection
vpc: my vpc
force: yes
delegate_to: localhost
- name: Remove a vpn connection
cs_vpn_connection:
vpn_customer_gateway: my vpn connection
vpc: my vpc
state: absent
delegate_to: localhost
vpc:
description:
- Name of the VPC the VPN connection is related to.
required: true
type: str
zone:
description:
- Name of the zone the VPC is related to.
- If not set, default zone is used.
type: str
force:
default: false
description:
- Activate the VPN gateway if not already activated on I(state=present).
- Also see M(cs_vpn_gateway).
type: bool
state:
choices:
- present
- absent
default: present
description:
- State of the VPN connection.
type: str
domain:
description:
- Domain the VPN connection is related to.
type: str
account:
description:
- Account the VPN connection is related to.
type: str
api_key:
description:
- API key of the CloudStack API.
- If not given, the C(CLOUDSTACK_KEY) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
type: str
api_url:
description:
- URL of the CloudStack API e.g. https://cloud.example.com/client/api.
- If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
type: str
passive:
default: false
description:
- State of the VPN connection.
- Only considered when I(state=present).
type: bool
project:
description:
- Name of the project the VPN connection is related to.
type: str
api_region:
default: cloudstack
description:
- Name of the ini section in the C(cloustack.ini) file.
- If not given, the C(CLOUDSTACK_REGION) env variable is considered.
type: str
api_secret:
description:
- Secret key of the CloudStack API.
- If not set, the C(CLOUDSTACK_SECRET) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
type: str
poll_async:
default: true
description:
- Poll async jobs until job has finished.
type: bool
api_timeout:
description:
- HTTP timeout in seconds.
- If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
- Fallback value is 10 seconds if not specified.
type: int
api_http_method:
choices:
- get
- post
description:
- HTTP method used to query the API endpoint.
- If not given, the C(CLOUDSTACK_METHOD) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
- Fallback value is C(get) if not specified.
type: str
vpn_customer_gateway:
description:
- Name of the VPN customer gateway.
required: true
type: str
account: description: Account the VPN connection is related to. returned: success sample: example account type: str cidrs: description: List of CIDRs of the customer gateway. returned: success sample: - 10.10.10.0/24 type: list created: description: Date the connection was created. returned: success sample: 2014-12-01T14:57:57+0100 type: str domain: description: Domain the VPN connection is related to. returned: success sample: example domain type: str dpd: description: Whether dead pear detection is enabled or not. returned: success sample: true type: bool esp_lifetime: description: Lifetime in seconds of phase 2 VPN connection. returned: success sample: 86400 type: int esp_policy: description: IKE policy of the VPN connection. returned: success sample: aes256-sha1;modp1536 type: str force_encap: description: Whether encapsulation for NAT traversal is enforced or not. returned: success sample: true type: bool gateway: description: IP address of the VPN customer gateway. returned: success sample: 10.101.214.10 type: str id: description: UUID of the VPN connection. returned: success sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 type: str ike_lifetime: description: Lifetime in seconds of phase 1 VPN connection. returned: success sample: 86400 type: int ike_policy: description: ESP policy of the VPN connection. returned: success sample: aes256-sha1;modp1536 type: str passive: description: Whether the connection is passive or not. returned: success sample: false type: bool project: description: Name of project the VPN connection is related to. returned: success sample: Production type: str public_ip: description: IP address of the VPN gateway. returned: success sample: 10.100.212.10 type: str state: description: State of the VPN connection. returned: success sample: Connected type: str vpn_gateway_id: description: UUID of the VPN gateway. returned: success sample: 04589590-ac63-93f5-4ffc-b698b8ac38b6 type: str