Documentation

gce_net - create/destroy GCE networks and firewall rules

New in version 1.5.

Synopsis

This module can create and destroy Google Compute Engine networks and firewall rules (https://developers.google.com/compute/docs/networking). The name parameter is reserved for referencing a network, while the fwname parameter is used to reference firewall rules. IPv4 address ranges must be specified in CIDR format (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). Full install/configuration instructions for the gce* modules can be found in the comments of ansible/test/gce_tests.py.

Requirements (on host that executes module)

  • python >= 2.6
  • apache-libcloud >= 0.13.3, >= 0.17.0 if using JSON credentials

Options

| parameter | required | default | choices | comments |
|---|---|---|---|---|
| allowed | no | | | the protocol:ports to allow ('tcp:80' or 'tcp:80,443' or 'tcp:80-800;udp:1-25') |
| credentials_file (added in 2.1.0) | no | | | path to the JSON file associated with the service account email |
| fwname | no | | | name of the firewall rule. aliases: fwrule |
| ipv4_range | no | | | the IPv4 address range in CIDR notation for the network. This parameter is not mandatory when you specify an existing network in the name parameter, but it is mandatory when you create a new network. aliases: cidr |
| name | no | | | name of the network |
| pem_file (added in 1.6) | no | | | path to the pem file associated with the service account email. This option is deprecated. Use 'credentials_file'. |
| project_id (added in 1.6) | no | | | your GCE project ID |
| service_account_email (added in 1.6) | no | | | service account email |
| src_range | no | | | the source IPv4 address range in CIDR notation. aliases: src_cidr |
| src_tags | no | | | the source instance tags for creating a firewall rule |
| state | no | present | active, present, absent, deleted | desired state of the network or firewall |
| target_tags (added in 1.9) | no | | | the target instance tags for creating a firewall rule |

Examples

    # Simple example of creating a new network
    - local_action:
        module: gce_net
        name: privatenet
        ipv4_range: '10.240.16.0/24'

    # Simple example of creating a new firewall rule
    - local_action:
        module: gce_net
        name: privatenet
        fwname: all-web-webproxy
        allowed: tcp:80,8080
        src_tags: ["web", "proxy"]
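A more tightly scoped variant of the tasks above, added here as an example and not part of the module's own documentation. It uses the src_range, src_tags, target_tags and state options from the table. The rule names, tags and the 203.0.113.0/24 documentation range are constructed placeholders.

```yaml
# Added example: constructed names, tags and address ranges throughout.

# New network; ipv4_range is mandatory because the network does not exist yet
- local_action:
    module: gce_net
    name: privatenet
    ipv4_range: '10.240.16.0/24'

# SSH only from one admin range, and only to instances tagged "bastion"
- local_action:
    module: gce_net
    name: privatenet
    fwname: ssh-admin-to-bastion
    allowed: 'tcp:22'
    src_range: '203.0.113.0/24'
    target_tags: ["bastion"]
    state: present

# Web ports only from instances tagged "proxy" to instances tagged "web"
- local_action:
    module: gce_net
    name: privatenet
    fwname: proxy-to-web
    allowed: 'tcp:80,443'
    src_tags: ["proxy"]
    target_tags: ["web"]
    state: present

# Retire the broader rule once the scoped rules are in place.
# Only fwname is given, so this task references the rule and not the network.
- local_action:
    module: gce_net
    fwname: all-web-webproxy
    state: absent
```

Naming both a source (src_range or src_tags) and target_tags on every rule makes the intended traffic path explicit in the playbook, which is easier to review than a rule that names only ports.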
                        

This is a Core Module

For more information on what this means please read Core Modules
