/ home / delowan / delowan.googlecloud / 1.0.2 / module / gcp_compute_ssl_policy

delowan.googlecloud.gcp_compute_ssl_policy (1.0.2) — module

Creates a GCP SslPolicy

Authors: Google Inc. (@googlecloudplatform)

preview | supported by community

Install collection

Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2

Add to requirements.yml

  collections:
    - name: delowan.googlecloud
      version: 1.0.2

Description

Represents a SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates.

Requirements

python >= 2.6
requests >= 2.18.4
google-auth >= 1.3.0

Usage examples

Scanned by Steampunk Spotter

- name: create a SSL policy
  google.cloud.gcp_compute_ssl_policy:
    name: test_object
    profile: CUSTOM
    min_tls_version: TLS_1_2
    custom_features:
    - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

Inputs

name:
description:
- Name of the resource. Provided by the client when the resource is created. The name
must be 1-63 characters long, and comply with RFC1035. Specifically, the name must
be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following characters
must be a dash, lowercase letter, or digit, except the last character, which cannot
be a dash.
required: true
type: str

state:
choices:
- present
- absent
default: present
description:
- Whether the given object should exist in GCP
type: str

scopes:
description:
- Array of scopes to be used
elements: str
type: list

profile:
description:
- Profile specifies the set of SSL features that can be used by the load balancer
when negotiating SSL with clients. If using `CUSTOM`, the set of SSL features to
enable must be specified in the `customFeatures` field.
- 'Some valid choices include: "COMPATIBLE", "MODERN", "RESTRICTED", "CUSTOM"'
required: false
type: str

project:
description:
- The Google Cloud Platform project to use.
type: str

env_type:
description:
- Specifies which Ansible environment you're running this module within.
- This should not be set unless you know what you're doing.
- This only alters the User Agent string for any API requests.
type: str

auth_kind:
choices:
- application
- machineaccount
- serviceaccount
description:
- The type of credential used.
required: true
type: str

description:
description:
- An optional description of this resource.
required: false
type: str

custom_features:
description:
- A list of features enabled when the selected profile is CUSTOM. The method returns
the set of features that can be specified in this list. This field must be empty
if the profile is not CUSTOM.
elements: str
required: false
type: list

min_tls_version:
description:
- The minimum version of SSL protocol that can be used by the clients to establish
a connection with the load balancer.
- 'Some valid choices include: "TLS_1_0", "TLS_1_1", "TLS_1_2"'
required: false
type: str

service_account_file:
description:
- The path of a Service Account JSON file if serviceaccount is selected as type.
type: path

service_account_email:
description:
- An optional service account email address if machineaccount is selected and the
user does not wish to use the default email.
type: str

service_account_contents:
description:
- The contents of a Service Account JSON file, either in a dictionary or as a JSON
string that represents it.
type: jsonarg

Outputs

creationTimestamp:
description:
- Creation timestamp in RFC3339 text format.
returned: success
type: str
customFeatures:
description:
- A list of features enabled when the selected profile is CUSTOM. The method returns
the set of features that can be specified in this list. This field must be empty
if the profile is not CUSTOM.
returned: success
type: list
description:
description:
- An optional description of this resource.
returned: success
type: str
enabledFeatures:
description:
- The list of features enabled in the SSL policy.
returned: success
type: list
fingerprint:
description:
- Fingerprint of this resource. A hash of the contents stored in this object. This
field is used in optimistic locking.
returned: success
type: str
id:
description:
- The unique identifier for the resource.
returned: success
type: int
minTlsVersion:
description:
- The minimum version of SSL protocol that can be used by the clients to establish
a connection with the load balancer.
returned: success
type: str
name:
description:
- Name of the resource. Provided by the client when the resource is created. The
name must be 1-63 characters long, and comply with RFC1035. Specifically, the
name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
which means the first character must be a lowercase letter, and all following
characters must be a dash, lowercase letter, or digit, except the last character,
which cannot be a dash.
returned: success
type: str
profile:
description:
- Profile specifies the set of SSL features that can be used by the load balancer
when negotiating SSL with clients. If using `CUSTOM`, the set of SSL features
to enable must be specified in the `customFeatures` field.
returned: success
type: str
warnings:
contains:
code:
description:
- A warning code, if applicable.
returned: success
type: str
message:
description:
- A human-readable description of the warning code.
returned: success
type: str
description:
- If potential misconfigurations are detected for this SSL policy, this field will
be populated with warning messages.
returned: success
type: complex