New in version 1.5.
This module can create and destroy Google Compute Engine networks and firewall rules https://developers.google.com/compute/docs/networking. The name parameter is reserved for referencing a network while the fwname parameter is used to reference firewall rules. IPv4 Address ranges must be specified using the CIDR http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing format. Full install/configuration instructions for the gce* modules can be found in the comments of ansible/test/gce_tests.py.
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| allowed | no | the protocol:ports to allow ('tcp:80' or 'tcp:80,443' or 'tcp:80-800;udp:1-25') this parameter is mandatory when creating or updating a firewall rule |
||
| credentials_file (added in 2.1.0)
| no | path to the JSON file associated with the service account email |
||
| fwname | no |
name of the firewall rule aliases: fwrule
|
||
| ipv4_range | no |
the IPv4 address range in CIDR notation for the network this parameter is not mandatory when you specified existing network in name parameter, but when you create new network, this parameter is mandatory aliases: cidr
|
||
| mode (added in 2.2)
| no | legacy |
| network mode for Google Cloud "legacy" indicates a network with an IP address range "auto" automatically generates subnetworks in different regions "custom" uses networks to group subnets of user specified IP address ranges https://cloud.google.com/compute/docs/networking#network_types |
| name | no | name of the network |
||
| pem_file (added in 1.6)
| no | path to the pem file associated with the service account email This option is deprecated. Use 'credentials_file'. |
||
| project_id (added in 1.6)
| no | your GCE project ID |
||
| service_account_email (added in 1.6)
| no | service account email |
||
| src_range | no |
the source IPv4 address range in CIDR notation aliases: src_cidr
|
||
| src_tags | no | the source instance tags for creating a firewall rule |
||
| state | no | present |
| desired state of the network or firewall |
| subnet_desc (added in 2.2)
| no | description of subnet to create |
||
| subnet_name (added in 2.2)
| no | name of subnet to create |
||
| subnet_region (added in 2.2)
| no | region of subnet to create |
||
| target_tags (added in 1.9)
| no | the target instance tags for creating a firewall rule |
# Simple example of creating a new network
- local_action:
module: gce_net
name: privatenet
ipv4_range: '10.240.16.0/24'
# Simple example of creating a new firewall rule
- local_action:
module: gce_net
name: privatenet
fwname: all-web-webproxy
allowed: tcp:80,8080
src_tags: ["web", "proxy"]
# Simple example of creating a new auto network
- local_action:
module: gce_net
name: privatenet
mode: auto
# Simple example of creating a new custom subnet
- local_action:
module: gce_net
name: privatenet
mode: custom
subnet_name: subnet_example
subnet_region: us-central1
ipv4_range: 10.0.0.0/16
For more information on what this means please read Core Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, developing_test_pr and Developing Modules.
© 2012–2016 Michael DeHaan
© 2016 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/gce_net_module.html