Steampunk Ansible Documentation - delowan.googlecloud.gcp_dns_managed_zone (1.0.2) - module

Install collection

Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2

Add to requirements.yml

  collections:
    - name: delowan.googlecloud
      version: 1.0.2

Description

A zone is a subtree of the DNS namespace under one administrative responsibility. A ManagedZone is a resource that represents a DNS zone hosted by the Cloud DNS service.

Requirements

python >= 2.6
requests >= 2.18.4
google-auth >= 1.3.0

Usage examples

Scanned by Steampunk Spotter

- name: create a managed zone
  google.cloud.gcp_dns_managed_zone:
    name: test_object
    dns_name: test.somewild2.example.com.
    description: test zone
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

Inputs

name:
description:
- User assigned name for this resource.
- Must be unique within the project.
required: true
type: str

state:
choices:
- present
- absent
default: present
description:
- Whether the given object should exist in GCP
type: str

labels:
description:
- A set of key/value label pairs to assign to this ManagedZone.
required: false
type: dict

scopes:
description:
- Array of scopes to be used
elements: str
type: list

project:
description:
- The Google Cloud Platform project to use.
type: str

dns_name:
description:
- The DNS name of this managed zone, for instance "example.com.".
required: true
type: str

env_type:
description:
- Specifies which Ansible environment you're running this module within.
- This should not be set unless you know what you're doing.
- This only alters the User Agent string for any API requests.
type: str

auth_kind:
choices:
- application
- machineaccount
- serviceaccount
description:
- The type of credential used.
required: true
type: str

visibility:
default: public
description:
- 'The zone''s visibility: public zones are exposed to the Internet, while private
zones are visible only to Virtual Private Cloud resources.'
- 'Some valid choices include: "private", "public"'
required: false
type: str

description:
description:
- A mutable string of at most 1024 characters associated with this resource for the
user's convenience. Has no effect on the managed zone's function.
required: true
type: str

dnssec_config:
description:
- DNSSEC configuration.
required: false
suboptions:
default_key_specs:
description:
- Specifies parameters that will be used for generating initial DnsKeys for this
ManagedZone. If you provide a spec for keySigning or zoneSigning, you must also
provide one for the other.
- default_key_specs can only be updated when the state is `off`.
elements: dict
required: false
suboptions:
algorithm:
description:
- String mnemonic specifying the DNSSEC algorithm of this key.
- 'Some valid choices include: "ecdsap256sha256", "ecdsap384sha384", "rsasha1",
"rsasha256", "rsasha512"'
required: false
type: str
key_length:
description:
- Length of the keys in bits.
required: false
type: int
key_type:
description:
- Specifies whether this is a key signing key (KSK) or a zone signing key
(ZSK). Key signing keys have the Secure Entry Point flag set and, when active,
will only be used to sign resource record sets of type DNSKEY. Zone signing
keys do not have the Secure Entry Point flag set and will be used to sign
all other types of resource record sets.
- 'Some valid choices include: "keySigning", "zoneSigning"'
required: false
type: str
kind:
default: dns#dnsKeySpec
description:
- Identifies what kind of resource this is.
required: false
type: str
type: list
kind:
default: dns#managedZoneDnsSecConfig
description:
- Identifies what kind of resource this is.
required: false
type: str
non_existence:
description:
- Specifies the mechanism used to provide authenticated denial-of-existence responses.
- non_existence can only be updated when the state is `off`.
- 'Some valid choices include: "nsec", "nsec3"'
required: false
type: str
state:
description:
- Specifies whether DNSSEC is enabled, and what mode it is in.
- 'Some valid choices include: "off", "on", "transfer"'
required: false
type: str
type: dict

peering_config:
description:
- The presence of this field indicates that DNS Peering is enabled for this zone.
The value of this field contains the network to peer with.
required: false
suboptions:
target_network:
description:
- The network with which to peer.
required: true
suboptions:
network_url:
description:
- The fully qualified URL of the VPC network to forward queries to.
- This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`)
.
required: true
type: str
type: dict
type: dict

name_server_set:
description:
- Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is
a set of DNS name servers that all host the same ManagedZones. Most users will leave
this field unset.
required: false
type: str

forwarding_config:
description:
- The presence for this field indicates that outbound forwarding is enabled for this
zone. The value of this field contains the set of destinations to forward to.
required: false
suboptions:
target_name_servers:
description:
- List of target name servers to forward to. Cloud DNS will select the best available
name server if more than one target is given.
elements: dict
required: true
suboptions:
forwarding_path:
description:
- Forwarding path for this TargetNameServer. If unset or `default` Cloud DNS
will make forwarding decision based on address ranges, i.e. RFC1918 addresses
go to the VPC, Non-RFC1918 addresses go to the Internet. When set to `private`,
Cloud DNS will always send queries through VPC for this target .
- 'Some valid choices include: "default", "private"'
required: false
type: str
ipv4_address:
description:
- IPv4 address of a target name server.
required: true
type: str
type: list
type: dict

service_account_file:
description:
- The path of a Service Account JSON file if serviceaccount is selected as type.
type: path

service_account_email:
description:
- An optional service account email address if machineaccount is selected and the
user does not wish to use the default email.
type: str

service_account_contents:
description:
- The contents of a Service Account JSON file, either in a dictionary or as a JSON
string that represents it.
type: jsonarg

private_visibility_config:
description:
- For privately visible zones, the set of Virtual Private Cloud resources that the
zone is visible from.
required: false
suboptions:
networks:
description:
- The list of VPC networks that can see this zone.
elements: dict
required: true
suboptions:
network_url:
description:
- The fully qualified URL of the VPC network to bind to.
- This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`)
.
required: true
type: str
type: list
type: dict

Outputs

creationTime:
description:
- The time that this resource was created on the server.
- This is in RFC3339 text format.
returned: success
type: str
description:
description:
- A mutable string of at most 1024 characters associated with this resource for
the user's convenience. Has no effect on the managed zone's function.
returned: success
type: str
dnsName:
description:
- The DNS name of this managed zone, for instance "example.com.".
returned: success
type: str
dnssecConfig:
contains:
defaultKeySpecs:
contains:
algorithm:
description:
- String mnemonic specifying the DNSSEC algorithm of this key.
returned: success
type: str
keyLength:
description:
- Length of the keys in bits.
returned: success
type: int
keyType:
description:
- Specifies whether this is a key signing key (KSK) or a zone signing key
(ZSK). Key signing keys have the Secure Entry Point flag set and, when
active, will only be used to sign resource record sets of type DNSKEY.
Zone signing keys do not have the Secure Entry Point flag set and will
be used to sign all other types of resource record sets.
returned: success
type: str
kind:
description:
- Identifies what kind of resource this is.
returned: success
type: str
description:
- Specifies parameters that will be used for generating initial DnsKeys for
this ManagedZone. If you provide a spec for keySigning or zoneSigning, you
must also provide one for the other.
- default_key_specs can only be updated when the state is `off`.
returned: success
type: complex
kind:
description:
- Identifies what kind of resource this is.
returned: success
type: str
nonExistence:
description:
- Specifies the mechanism used to provide authenticated denial-of-existence
responses.
- non_existence can only be updated when the state is `off`.
returned: success
type: str
state:
description:
- Specifies whether DNSSEC is enabled, and what mode it is in.
returned: success
type: str
description:
- DNSSEC configuration.
returned: success
type: complex
forwardingConfig:
contains:
targetNameServers:
contains:
forwardingPath:
description:
- Forwarding path for this TargetNameServer. If unset or `default` Cloud
DNS will make forwarding decision based on address ranges, i.e. RFC1918
addresses go to the VPC, Non-RFC1918 addresses go to the Internet. When
set to `private`, Cloud DNS will always send queries through VPC for this
target .
returned: success
type: str
ipv4Address:
description:
- IPv4 address of a target name server.
returned: success
type: str
description:
- List of target name servers to forward to. Cloud DNS will select the best
available name server if more than one target is given.
returned: success
type: complex
description:
- The presence for this field indicates that outbound forwarding is enabled for
this zone. The value of this field contains the set of destinations to forward
to.
returned: success
type: complex
id:
description:
- Unique identifier for the resource; defined by the server.
returned: success
type: int
labels:
description:
- A set of key/value label pairs to assign to this ManagedZone.
returned: success
type: dict
name:
description:
- User assigned name for this resource.
- Must be unique within the project.
returned: success
type: str
nameServerSet:
description:
- Optionally specifies the NameServerSet for this ManagedZone. A NameServerSet is
a set of DNS name servers that all host the same ManagedZones. Most users will
leave this field unset.
returned: success
type: str
nameServers:
description:
- Delegate your managed_zone to these virtual name servers; defined by the server
.
returned: success
type: list
peeringConfig:
contains:
targetNetwork:
contains:
networkUrl:
description:
- The fully qualified URL of the VPC network to forward queries to.
- This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`)
.
returned: success
type: str
description:
- The network with which to peer.
returned: success
type: complex
description:
- The presence of this field indicates that DNS Peering is enabled for this zone.
The value of this field contains the network to peer with.
returned: success
type: complex
privateVisibilityConfig:
contains:
networks:
contains:
networkUrl:
description:
- The fully qualified URL of the VPC network to bind to.
- This should be formatted like `U(https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}`)
.
returned: success
type: str
description:
- The list of VPC networks that can see this zone.
returned: success
type: complex
description:
- For privately visible zones, the set of Virtual Private Cloud resources that the
zone is visible from.
returned: success
type: complex
visibility:
description:
- 'The zone''s visibility: public zones are exposed to the Internet, while private
zones are visible only to Virtual Private Cloud resources.'
returned: success
type: str