delowan / delowan.googlecloud / 1.0.2 / module / gcp_compute_target_ssl_proxy Creates a GCP TargetSslProxy Authors: Google Inc. (@googlecloudplatform) preview | supported by communitydelowan.googlecloud.gcp_compute_target_ssl_proxy (1.0.2) — module
Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2
collections: - name: delowan.googlecloud version: 1.0.2
Represents a TargetSslProxy resource, which is used by one or more global forwarding rule to route incoming SSL requests to a backend service.
- name: create a instance group google.cloud.gcp_compute_instance_group: name: instancegroup-targetsslproxy zone: us-central1-a project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" state: present register: instancegroup
- name: create a health check google.cloud.gcp_compute_health_check: name: healthcheck-targetsslproxy type: TCP tcp_health_check: port_name: service-health request: ping response: pong healthy_threshold: 10 timeout_sec: 2 unhealthy_threshold: 5 project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" state: present register: healthcheck
- name: create a backend service google.cloud.gcp_compute_backend_service: name: backendservice-targetsslproxy backends: - group: "{{ instancegroup.selfLink }}" health_checks: - "{{ healthcheck.selfLink }}" protocol: SSL project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" state: present register: backendservice
- name: create a SSL certificate google.cloud.gcp_compute_ssl_certificate: name: sslcert-targetsslproxy description: A certificate for testing. Do not use this certificate in production certificate: |- -----BEGIN CERTIFICATE----- MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2 MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ 4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn 0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ zqGNhIPGq2ULqXKK8BY= -----END CERTIFICATE----- private_key: |- -----BEGIN EC PRIVATE KEY----- MHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49 AwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f OGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ== -----END EC PRIVATE KEY----- project: "{{ gcp_project }}" auth_kind: "{{ gcp_cred_kind }}" service_account_file: "{{ gcp_cred_file }}" state: present register: sslcert
- name: create a target SSL proxy google.cloud.gcp_compute_target_ssl_proxy: name: test_object ssl_certificates: - "{{ sslcert }}" service: "{{ backendservice }}" project: test_project auth_kind: serviceaccount service_account_file: "/tmp/auth.pem" state: present
name: description: - Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. required: true type: str state: choices: - present - absent default: present description: - Whether the given object should exist in GCP type: str scopes: description: - Array of scopes to be used elements: str type: list project: description: - The Google Cloud Platform project to use. type: str service: description: - A reference to the BackendService resource. - 'This field represents a link to a BackendService resource in GCP. It can be specified in two ways. First, you can place a dictionary with key ''selfLink'' and value of your resource''s selfLink Alternatively, you can add `register: name-of-resource` to a gcp_compute_backend_service task and then set this service field to "{{ name-of-resource }}"' required: true type: dict env_type: description: - Specifies which Ansible environment you're running this module within. - This should not be set unless you know what you're doing. - This only alters the User Agent string for any API requests. type: str auth_kind: choices: - application - machineaccount - serviceaccount description: - The type of credential used. required: true type: str ssl_policy: description: - A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured. - 'This field represents a link to a SslPolicy resource in GCP. It can be specified in two ways. First, you can place a dictionary with key ''selfLink'' and value of your resource''s selfLink Alternatively, you can add `register: name-of-resource` to a gcp_compute_ssl_policy task and then set this ssl_policy field to "{{ name-of-resource }}"' required: false type: dict description: description: - An optional description of this resource. required: false type: str proxy_header: description: - Specifies the type of proxy header to append before sending data to the backend. - 'Some valid choices include: "NONE", "PROXY_V1"' required: false type: str ssl_certificates: description: - A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. elements: dict required: true type: list service_account_file: description: - The path of a Service Account JSON file if serviceaccount is selected as type. type: path service_account_email: description: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a JSON string that represents it. type: jsonarg
creationTimestamp: description: - Creation timestamp in RFC3339 text format. returned: success type: str description: description: - An optional description of this resource. returned: success type: str id: description: - The unique identifier for the resource. returned: success type: int name: description: - Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. returned: success type: str proxyHeader: description: - Specifies the type of proxy header to append before sending data to the backend. returned: success type: str service: description: - A reference to the BackendService resource. returned: success type: dict sslCertificates: description: - A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. returned: success type: list sslPolicy: description: - A reference to the SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured. returned: success type: dict