delowan / delowan.googlecloud / 1.0.2 / module / gcp_dns_managed_zone Creates a GCP ManagedZone Authors: Google Inc. (@googlecloudplatform) preview | supported by communitydelowan.googlecloud.gcp_dns_managed_zone (1.0.2) — module
Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2
collections: - name: delowan.googlecloud version: 1.0.2
A zone is a subtree of the DNS namespace under one administrative responsibility. A ManagedZone is a resource that represents a DNS zone hosted by the Cloud DNS service.
- name: create a managed zone google.cloud.gcp_dns_managed_zone: name: test_object dns_name: test.somewild2.example.com. description: test zone project: test_project auth_kind: serviceaccount service_account_file: "/tmp/auth.pem" state: present
name: description: - User assigned name for this resource. - Must be unique within the project. required: true type: str state: choices: - present - absent default: present description: - Whether the given object should exist in GCP type: str labels: description: - A set of key/value label pairs to assign to this ManagedZone. required: false type: dict scopes: description: - Array of scopes to be used elements: str type: list project: description: - The Google Cloud Platform project to use. type: str dns_name: description: - The DNS name of this managed zone, for instance "example.com.". required: true type: str env_type: description: - Specifies which Ansible environment you're running this module within. - This should not be set unless you know what you're doing. - This only alters the User Agent string for any API requests. type: str auth_kind: choices: - application - machineaccount - serviceaccount description: - The type of credential used. required: true type: str visibility: default: public description: - 'The zone''s visibility: public zones are exposed to the Internet, while private zones are visible only to Virtual Private Cloud resources.' - 'Some valid choices include: "private", "public"' required: false type: str description: description: - A mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the managed zone's function. required: true type: str dnssec_config: description: - DNSSEC configuration. required: false suboptions: default_key_specs: description: - Specifies parameters that will be used for generating initial DnsKeys for this ManagedZone. If you provide a spec for keySigning or zoneSigning, you must also provide one for the other. - default_key_specs can only be updated when the state is `off`. elements: dict required: false suboptions: algorithm: description: - String mnemonic specifying the DNSSEC algorithm of this key. - 'Some valid choices include: "ecdsap256sha256", "ecdsap384sha384", "rsasha1", "rsasha256", "rsasha512"' required: false type: str key_length: description: - Length of the keys in bits. required: false type: int key_type: description: - Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, will only be used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and will be used to sign all other types of resource record sets. - 'Some valid choices include: "keySigning", "zoneSigning"' required: false type: str kind: default: dns#dnsKeySpec description: - Identifies what kind of resource this is. required: false type: str type: list kind: default: dns#managedZoneDnsSecConfig description: - Identifies what kind of resource this is. required: false type: str non_existence: description: - Specifies the mechanism used to provide authenticated denial-of-existence responses. - non_existence can only be updated when the state is `off`. - 'Some valid choices include: "nsec", "nsec3"' required: false type: str state: description: - Specifies whether DNSSEC is enabled, and what mode it is in. - 'Some valid choices include: "off", "on", "transfer"' required: false type: str type: dict peering_config: description: - The presence of this field indicates that DNS Peering is enabled for this zone. The value of this field contains the network to peer with. required: false suboptions: target_network: description: - The network with which to peer. required: true suboptions: network_url: description: - The fully qualified URL of the VPC network to forward queries to. - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) . required: true type: str type: dict type: dict name_server_set: description: - Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is a set of DNS name servers that all host the same ManagedZones. Most users will leave this field unset. required: false type: str forwarding_config: description: - The presence for this field indicates that outbound forwarding is enabled for this zone. The value of this field contains the set of destinations to forward to. required: false suboptions: target_name_servers: description: - List of target name servers to forward to. Cloud DNS will select the best available name server if more than one target is given. elements: dict required: true suboptions: forwarding_path: description: - Forwarding path for this TargetNameServer. If unset or `default` Cloud DNS will make forwarding decision based on address ranges, i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the Internet. When set to `private`, Cloud DNS will always send queries through VPC for this target . - 'Some valid choices include: "default", "private"' required: false type: str ipv4_address: description: - IPv4 address of a target name server. required: true type: str type: list type: dict service_account_file: description: - The path of a Service Account JSON file if serviceaccount is selected as type. type: path service_account_email: description: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a JSON string that represents it. type: jsonarg private_visibility_config: description: - For privately visible zones, the set of Virtual Private Cloud resources that the zone is visible from. required: false suboptions: networks: description: - The list of VPC networks that can see this zone. elements: dict required: true suboptions: network_url: description: - The fully qualified URL of the VPC network to bind to. - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) . required: true type: str type: list type: dict
creationTime: description: - The time that this resource was created on the server. - This is in RFC3339 text format. returned: success type: str description: description: - A mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the managed zone's function. returned: success type: str dnsName: description: - The DNS name of this managed zone, for instance "example.com.". returned: success type: str dnssecConfig: contains: defaultKeySpecs: contains: algorithm: description: - String mnemonic specifying the DNSSEC algorithm of this key. returned: success type: str keyLength: description: - Length of the keys in bits. returned: success type: int keyType: description: - Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, will only be used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and will be used to sign all other types of resource record sets. returned: success type: str kind: description: - Identifies what kind of resource this is. returned: success type: str description: - Specifies parameters that will be used for generating initial DnsKeys for this ManagedZone. If you provide a spec for keySigning or zoneSigning, you must also provide one for the other. - default_key_specs can only be updated when the state is `off`. returned: success type: complex kind: description: - Identifies what kind of resource this is. returned: success type: str nonExistence: description: - Specifies the mechanism used to provide authenticated denial-of-existence responses. - non_existence can only be updated when the state is `off`. returned: success type: str state: description: - Specifies whether DNSSEC is enabled, and what mode it is in. returned: success type: str description: - DNSSEC configuration. returned: success type: complex forwardingConfig: contains: targetNameServers: contains: forwardingPath: description: - Forwarding path for this TargetNameServer. If unset or `default` Cloud DNS will make forwarding decision based on address ranges, i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the Internet. When set to `private`, Cloud DNS will always send queries through VPC for this target . returned: success type: str ipv4Address: description: - IPv4 address of a target name server. returned: success type: str description: - List of target name servers to forward to. Cloud DNS will select the best available name server if more than one target is given. returned: success type: complex description: - The presence for this field indicates that outbound forwarding is enabled for this zone. The value of this field contains the set of destinations to forward to. returned: success type: complex id: description: - Unique identifier for the resource; defined by the server. returned: success type: int labels: description: - A set of key/value label pairs to assign to this ManagedZone. returned: success type: dict name: description: - User assigned name for this resource. - Must be unique within the project. returned: success type: str nameServerSet: description: - Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is a set of DNS name servers that all host the same ManagedZones. Most users will leave this field unset. returned: success type: str nameServers: description: - Delegate your managed_zone to these virtual name servers; defined by the server . returned: success type: list peeringConfig: contains: targetNetwork: contains: networkUrl: description: - The fully qualified URL of the VPC network to forward queries to. - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) . returned: success type: str description: - The network with which to peer. returned: success type: complex description: - The presence of this field indicates that DNS Peering is enabled for this zone. The value of this field contains the network to peer with. returned: success type: complex privateVisibilityConfig: contains: networks: contains: networkUrl: description: - The fully qualified URL of the VPC network to bind to. - This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`) . returned: success type: str description: - The list of VPC networks that can see this zone. returned: success type: complex description: - For privately visible zones, the set of Virtual Private Cloud resources that the zone is visible from. returned: success type: complex visibility: description: - 'The zone''s visibility: public zones are exposed to the Internet, while private zones are visible only to Virtual Private Cloud resources.' returned: success type: str