pureport / pureport.pureport / 0.0.9 / module / site_ipsec_vpn_connection Create, update or delete a Site IPSec VPN connection | "added in version" 2.8 of pureport.pureport" Authors: Matt Traynham (@mtraynham) preview | supported by Pureportpureport.pureport.site_ipsec_vpn_connection (0.0.9) — module
Install with ansible-galaxy collection install pureport.pureport:==0.0.9
collections: - name: pureport.pureport version: 0.0.9
Create, update or delete a Site IPSec VPN connection
id: description: - The id of the existing connection. required: false type: str name: description: - The name of the connection. required: true type: str speed: choices: - 50 - 100 - 200 - 300 - 400 - 500 - 1000 - 10000 description: - The speed of the connection (Mbps). required: true type: int state: choices: - present - absent default: present description: - The state of the object, where 'present' indicates it should should - exist and 'absent' indicates it should not exist. required: false type: str api_key: description: - The pre-configured API Key for a Pureport Account. - Users should provide either the 'api_key' and 'api_secret' or the obtained 'api_access_token'. required: false type: str ike_prf: description: - The IKE Pseudo-random Function - When the IKE version is 'V2', some of the IKE Encryption algorithms require the PRF to be set. - Those algorithms also require you to not set the IKE Integrity and therefore 'ike_integrity' - and 'ike_prf' are mutually exclusive. required: false type: str api_secret: description: - The pre-configured API Secret for a Pureport Account. - Users should provide either the 'api_key' and 'api_secret' or the obtained 'api_access_token'. required: false type: str description: description: - A description for the connection. required: false type: str ike_version: choices: - V1 - V2 default: V2 description: - The IKE version of the VPN connection. required: false type: str nat_enabled: default: false description: - If NAT should be enabled type: bool primary_key: description: - The IPSec pre-shared key for the secondary gateway. required: false type: str api_base_url: description: - The host url for the Pureport API. required: false type: str billing_term: choices: - HOURLY description: - The billing term for the connection. required: true type: str customer_asn: description: - A customer Public/Private ASN for the connection. required: false type: long esp_dh_group: description: - The ESP Diffie-Hellman algorithm required: true type: str ike_dh_group: description: - The IKE Diffie-Hellman group required: true type: str nat_mappings: description: - A list of CIDR's (a.b.c.d/n) addresses that should be mapped with NAT. - This should likely reference the customer_networks supplied on the connection. required: false type: list network_href: description: - The Pureport Network object. - This should be the full 'href' path to the Network ReST object (e.g /networks/abc). required: true type: str routing_type: choices: - ROUTE_BASED_BGP - ROUTE_BASED_STATIC - POLICY_BASED default: ROUTE_BASED_BGP description: - The VPN's routing type. required: false type: str esp_integrity: description: - The ESP Integrity algorithm - Depending on the ESP Encryption algorithm, this may or may not be required. required: false type: str ike_integrity: description: - The IKE Integrity algorithm - This is required for IKE version 'V1'. For IKE 'V2', depending on the IKE Encryption algorithm, - this may or may not be required. required: false type: str location_href: description: - The Pureport location to connect to. - This should be the full 'href' path to the Location ReST object (e.g /locations/abc). required: true type: dict secondary_key: description: - The IPSec pre-shared key for the secondary gateway. required: false type: str esp_encryption: description: - The ESP Encryption algorithm required: true type: str ike_encryption: description: - The IKE Encryption algorithm required: true type: str wait_for_server: description: - These create/update/delete calls are typically async. If you wish to wait until the - server has completed it's task, set this to True. required: false type: bool api_access_token: description: - The access token to use with Pureport API. This can be obtained from - the `pureport_access_token_fact` module. - Users should provide either the 'api_key' and 'api_secret' or the obtained 'api_access_token'. type: str physical_address: description: - Information about the physical address of the VPN appliance. required: false suboptions: city: description: - The city required: false type: str country: description: - The country required: false type: str geoCoordinates: description: - A dict representing the geocoordinates of a location required: false suboptions: latitude: description: - The latitude required: false type: double longitude: description: - The logitude required: false type: double type: dict postalCode: description: - The postal code required: false type: str state: description: - The state required: false type: str street: description: - The street address required: false type: str type: dict resolve_existing: default: true description: - If an id was not provided, attempt to resolve the existing item using the name. required: false type: bool customer_networks: default: [] description: - A list of Connection Customer Networks (e.g dict(address=str, name=str)). required: false suboptions: address: description: - A CIDR (a.b.c.d/n) address representing a subnet behind this connection. required: true type: str name: description: - A name to give this subnet CIDR. type: list high_availability: description: - If the connection should be high available (2 gateways). required: false type: bool traffic_selectors: default: [] description: - A list of traffic selectors required: false suboptions: customer_side: description: - A CIDR (a.b.c.d/n) address representing a subnet on the customer side. - This should reference a Customer Network, but it doesn't have to. required: true type: str pureport_side: description: - A CIDR (a.b.c.d/n) address representing a subnet on the pureport side. - This should reference the customer_networks of another connection in the contained Network, - or it should reference the connections NAT mapped natCidr field if the connection had NAT enabled. type: list enable_bgp_password: description: - Enable a BGP password for the 'ROUTE_BASED_BGP' VPN connection gateways. required: false type: bool primary_customer_router_ip: description: - The VPN's primary router IP address. required: true type: str secondary_customer_router_ip: description: - The VPN's secondary router IP address (HA). required: false type: str
connection: description: the created, updated, or deleted connection type: Connection