Try SpotterCreate, update or delete a Site IPSec VPN connection
| "added in version" 2.8 of pureport.pureport"
Authors: Matt Traynham (@mtraynham)
preview | supported by Pureport
Install with ansible-galaxy collection install pureport.pureport:==0.0.9
collections:
- name: pureport.pureport
version: 0.0.9Create, update or delete a Site IPSec VPN connection
id:
description:
- The id of the existing connection.
required: false
type: str
name:
description:
- The name of the connection.
required: true
type: str
speed:
choices:
- 50
- 100
- 200
- 300
- 400
- 500
- 1000
- 10000
description:
- The speed of the connection (Mbps).
required: true
type: int
state:
choices:
- present
- absent
default: present
description:
- The state of the object, where 'present' indicates it should should
- exist and 'absent' indicates it should not exist.
required: false
type: str
api_key:
description:
- The pre-configured API Key for a Pureport Account.
- Users should provide either the 'api_key' and 'api_secret' or the obtained 'api_access_token'.
required: false
type: str
ike_prf:
description:
- The IKE Pseudo-random Function
- When the IKE version is 'V2', some of the IKE Encryption algorithms require the
PRF to be set.
- Those algorithms also require you to not set the IKE Integrity and therefore 'ike_integrity'
- and 'ike_prf' are mutually exclusive.
required: false
type: str
api_secret:
description:
- The pre-configured API Secret for a Pureport Account.
- Users should provide either the 'api_key' and 'api_secret' or the obtained 'api_access_token'.
required: false
type: str
description:
description:
- A description for the connection.
required: false
type: str
ike_version:
choices:
- V1
- V2
default: V2
description:
- The IKE version of the VPN connection.
required: false
type: str
nat_enabled:
default: false
description:
- If NAT should be enabled
type: bool
primary_key:
description:
- The IPSec pre-shared key for the secondary gateway.
required: false
type: str
api_base_url:
description:
- The host url for the Pureport API.
required: false
type: str
billing_term:
choices:
- HOURLY
description:
- The billing term for the connection.
required: true
type: str
customer_asn:
description:
- A customer Public/Private ASN for the connection.
required: false
type: long
esp_dh_group:
description:
- The ESP Diffie-Hellman algorithm
required: true
type: str
ike_dh_group:
description:
- The IKE Diffie-Hellman group
required: true
type: str
nat_mappings:
description:
- A list of CIDR's (a.b.c.d/n) addresses that should be mapped with NAT.
- This should likely reference the customer_networks supplied on the connection.
required: false
type: list
network_href:
description:
- The Pureport Network object.
- This should be the full 'href' path to the Network ReST object (e.g /networks/abc).
required: true
type: str
routing_type:
choices:
- ROUTE_BASED_BGP
- ROUTE_BASED_STATIC
- POLICY_BASED
default: ROUTE_BASED_BGP
description:
- The VPN's routing type.
required: false
type: str
esp_integrity:
description:
- The ESP Integrity algorithm
- Depending on the ESP Encryption algorithm, this may or may not be required.
required: false
type: str
ike_integrity:
description:
- The IKE Integrity algorithm
- This is required for IKE version 'V1'. For IKE 'V2', depending on the IKE Encryption
algorithm,
- this may or may not be required.
required: false
type: str
location_href:
description:
- The Pureport location to connect to.
- This should be the full 'href' path to the Location ReST object (e.g /locations/abc).
required: true
type: dict
secondary_key:
description:
- The IPSec pre-shared key for the secondary gateway.
required: false
type: str
esp_encryption:
description:
- The ESP Encryption algorithm
required: true
type: str
ike_encryption:
description:
- The IKE Encryption algorithm
required: true
type: str
wait_for_server:
description:
- These create/update/delete calls are typically async. If you wish to wait until
the
- server has completed it's task, set this to True.
required: false
type: bool
api_access_token:
description:
- The access token to use with Pureport API. This can be obtained from
- the `pureport_access_token_fact` module.
- Users should provide either the 'api_key' and 'api_secret' or the obtained 'api_access_token'.
type: str
physical_address:
description:
- Information about the physical address of the VPN appliance.
required: false
suboptions:
city:
description:
- The city
required: false
type: str
country:
description:
- The country
required: false
type: str
geoCoordinates:
description:
- A dict representing the geocoordinates of a location
required: false
suboptions:
latitude:
description:
- The latitude
required: false
type: double
longitude:
description:
- The logitude
required: false
type: double
type: dict
postalCode:
description:
- The postal code
required: false
type: str
state:
description:
- The state
required: false
type: str
street:
description:
- The street address
required: false
type: str
type: dict
resolve_existing:
default: true
description:
- If an id was not provided, attempt to resolve the existing item using the name.
required: false
type: bool
customer_networks:
default: []
description:
- A list of Connection Customer Networks (e.g dict(address=str, name=str)).
required: false
suboptions:
address:
description:
- A CIDR (a.b.c.d/n) address representing a subnet behind this connection.
required: true
type: str
name:
description:
- A name to give this subnet CIDR.
type: list
high_availability:
description:
- If the connection should be high available (2 gateways).
required: false
type: bool
traffic_selectors:
default: []
description:
- A list of traffic selectors
required: false
suboptions:
customer_side:
description:
- A CIDR (a.b.c.d/n) address representing a subnet on the customer side.
- This should reference a Customer Network, but it doesn't have to.
required: true
type: str
pureport_side:
description:
- A CIDR (a.b.c.d/n) address representing a subnet on the pureport side.
- This should reference the customer_networks of another connection in the contained
Network,
- or it should reference the connections NAT mapped natCidr field if the connection
had NAT enabled.
type: list
enable_bgp_password:
description:
- Enable a BGP password for the 'ROUTE_BASED_BGP' VPN connection gateways.
required: false
type: bool
primary_customer_router_ip:
description:
- The VPN's primary router IP address.
required: true
type: str
secondary_customer_router_ip:
description:
- The VPN's secondary router IP address (HA).
required: false
type: str
connection: description: the created, updated, or deleted connection type: Connection