diff --git a/changelogs/fragments/fix-os_router.yaml b/changelogs/fragments/fix-os_router.yaml new file mode 100644 index 00000000000..c982f746f0c --- /dev/null +++ b/changelogs/fragments/fix-os_router.yaml @@ -0,0 +1,3 @@ +bugfixes: + - fix the enable_snat parameter that is only supposed to be used by an user + with the right policies. https://github.com/ansible/ansible/pull/44418 diff --git a/lib/ansible/modules/cloud/openstack/os_router.py b/lib/ansible/modules/cloud/openstack/os_router.py index d59982c1374..763098c7b55 100644 --- a/lib/ansible/modules/cloud/openstack/os_router.py +++ b/lib/ansible/modules/cloud/openstack/os_router.py @@ -42,7 +42,6 @@ options: description: - Enable Source NAT (SNAT) attribute. type: bool - default: 'yes' network: description: - Unique name or ID of the external gateway network. @@ -307,7 +306,8 @@ def _build_kwargs(cloud, module, router, network): if network: kwargs['ext_gateway_net_id'] = network['id'] # can't send enable_snat unless we have a network - kwargs['enable_snat'] = module.params['enable_snat'] + if module.params['enable_snat']: + kwargs['enable_snat'] = module.params['enable_snat'] if module.params['external_fixed_ips']: kwargs['ext_fixed_ips'] = [] @@ -371,7 +371,7 @@ def main(): state=dict(default='present', choices=['absent', 'present']), name=dict(required=True), admin_state_up=dict(type='bool', default=True), - enable_snat=dict(type='bool', default=True), + enable_snat=dict(type='bool'), network=dict(default=None), interfaces=dict(type='list', default=None), external_fixed_ips=dict(type='list', default=None),