@ -51,25 +51,22 @@ options:
description :
description :
- Valid azure location . Defaults to location of the resource group .
- Valid azure location . Defaults to location of the resource group .
required : false
required : false
virtual_network _resource_group :
virtual_network :
description :
description :
- The resource group of I ( virtual_network_name ) .
- An existing virtual network with which the network interface will be associated . Required
- If not set then this is the same resource group as I ( resource_group ) .
- This can be used to specify the resource group of a virtual network that is in another resource group
than the network interface .
- If I ( virtual_network_name ) is specified as a virtual network id , this parameter is ignored .
version_added : 2.6
virtual_network_name :
description :
- Name or id of an existing virtual network with which the network interface will be associated . Required
when creating a network interface .
when creating a network interface .
- It can be the virtual network ' s name.
- Make sure your virtual network is in the same resource group as NIC when you give only the name .
- It can be the virtual network ' s resource id.
- It can be a dict which contains C ( name ) and C ( resource_group ) of the virtual network .
aliases :
aliases :
- virtual_network
- virtual_network_name
required : true
required : true
subnet_name :
subnet_name :
description :
description :
- Name of an existing subnet within the specified virtual network . Required when creating a network
- Name of an existing subnet within the specified virtual network . Required when creating a network
interface
interface
- Use the C ( virtual_network ) ' s resource group.
aliases :
aliases :
- subnet
- subnet
required : true
required : true
@ -123,8 +120,7 @@ options:
ip_configurations :
ip_configurations :
description :
description :
- List of ip configuration if contains mutilple configuration , should contain configuration object include
- List of ip configuration if contains mutilple configuration , should contain configuration object include
field private_ip_address , private_ip_allocation_method , public_ip_address_name , public_ip , subnet_name ,
field private_ip_address , private_ip_allocation_method , public_ip_address_name , public_ip , public_ip_allocation_method , name
virtual_network_name , public_ip_allocation_method , name
suboptions :
suboptions :
name :
name :
description :
description :
@ -150,18 +146,34 @@ options:
- Dynamic
- Dynamic
- Static
- Static
default : Dynamic
default : Dynamic
load_balancer_backend_address_pools :
description :
- List of an existing load - balancer backend address pool id to associate with the network interface .
- It can be write as a resource id .
- Also can be a dict of I ( name ) and I ( load_balancer ) .
version_added : 2.6
primary :
primary :
description :
description :
- Whether the ip configuration is the primary one in the list .
- Whether the ip configuration is the primary one in the list .
type : bool
type : bool
default : ' no '
default : ' no '
version_added : 2.5
version_added : 2.5
security_group_name :
create_with_security_group :
description :
- Specifies whether a default security group should be be created with the NIC . Only applies when creating a new NIC .
type : bool
version_added : 2.6
default : True
security_group :
description :
description :
- Name of an existing security group with which to associate the network interface . If not provided , a
- An existing security group with which to associate the network interface . If not provided , a
default security group will be created .
default security group will be created when C ( create_with_security_group ) is true .
- It can be the name of security group .
- Make sure the security group is in the same resource group when you only give its name .
- It can be the resource id .
- It can be a dict contains security_group ' s C(name) and C(resource_group).
aliases :
aliases :
- security_group
- security_group _name
open_ports :
open_ports :
description :
description :
- When a default security group is created for a Linux host a rule will be added allowing inbound TCP
- When a default security group is created for a Linux host a rule will be added allowing inbound TCP
@ -182,7 +194,7 @@ EXAMPLES = '''
azure_rm_networkinterface :
azure_rm_networkinterface :
name : nic001
name : nic001
resource_group : Testing
resource_group : Testing
virtual_network _name : vnet001
virtual_network : vnet001
subnet_name : subnet001
subnet_name : subnet001
ip_configurations :
ip_configurations :
- name : ipconfig1
- name : ipconfig1
@ -193,8 +205,9 @@ EXAMPLES = '''
azure_rm_networkinterface :
azure_rm_networkinterface :
name : nic001
name : nic001
resource_group : Testing
resource_group : Testing
virtual_network _name : vnet001
virtual_network : vnet001
subnet_name : subnet001
subnet_name : subnet001
create_with_security_group : False
ip_configurations :
ip_configurations :
- name : ipconfig1
- name : ipconfig1
primary : True
primary : True
@ -203,10 +216,11 @@ EXAMPLES = '''
azure_rm_networkinterface :
azure_rm_networkinterface :
name : nic002
name : nic002
resource_group : Testing
resource_group : Testing
virtual_network _name : vnet001
virtual_network : vnet001
subnet_name : subnet001
subnet_name : subnet001
os_type : Windows
os_type : Windows
rdp_port : 3399
rdp_port : 3399
security_group : " /subscriptions/XXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/nsg001 "
ip_configurations :
ip_configurations :
- name : ipconfig1
- name : ipconfig1
public_ip_address_name : publicip001
public_ip_address_name : publicip001
@ -216,9 +230,9 @@ EXAMPLES = '''
azure_rm_networkinterface :
azure_rm_networkinterface :
name : nic003
name : nic003
resource_group : Testing
resource_group : Testing
virtual_network _name : vnet001
virtual_network : vnet001
subnet_name : subnet001
subnet_name : subnet001
security_group _name : secgroup001
security_group : secgroup001
ip_configurations :
ip_configurations :
- name : ipconfig1
- name : ipconfig1
public_ip_address_name : publicip001
public_ip_address_name : publicip001
@ -229,13 +243,19 @@ EXAMPLES = '''
name : nic004
name : nic004
resource_group : Testing
resource_group : Testing
subnet_name : subnet001
subnet_name : subnet001
virtual_network_name : vnet001
virtual_network : vnet001
security_group_name : secgroup001
security_group :
name : testnic002
resource_group : Testing1
ip_configurations :
ip_configurations :
- name : ipconfig1
- name : ipconfig1
public_ip_address_name : publicip001
public_ip_address_name : publicip001
primary : True
primary : True
- name : ipconfig2
- name : ipconfig2
load_balancer_backend_address_pools :
- " {{ loadbalancer001.state.backend_address_pools[0].id }} "
- name : backendaddrpool1
load_balancer : loadbalancer001
- name : Delete network interface
- name : Delete network interface
azure_rm_networkinterface :
azure_rm_networkinterface :
@ -273,7 +293,10 @@ state:
" location " : " eastus2 " ,
" location " : " eastus2 " ,
" mac_address " : null ,
" mac_address " : null ,
" name " : " nic003 " ,
" name " : " nic003 " ,
" network_security_group " : { } ,
" network_security_group " : {
" id " : " /subscriptions//XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkSecurityGroups/nsg001 " ,
" name " : " nsg001 "
} ,
" primary " : null ,
" primary " : null ,
" provisioning_state " : " Succeeded " ,
" provisioning_state " : " Succeeded " ,
" tags " : null ,
" tags " : null ,
@ -282,7 +305,7 @@ state:
'''
'''
try :
try :
from msrestazure . tools import parse_resource_id
from msrestazure . tools import parse_resource_id , resource_id
from msrestazure . azure_exceptions import CloudError
from msrestazure . azure_exceptions import CloudError
except ImportError :
except ImportError :
# This is handled in azure_rm_common
# This is handled in azure_rm_common
@ -310,6 +333,8 @@ def nic_to_dict(nic):
private_ip_allocation_method = config . private_ip_allocation_method ,
private_ip_allocation_method = config . private_ip_allocation_method ,
subnet = subnet_to_dict ( config . subnet ) ,
subnet = subnet_to_dict ( config . subnet ) ,
primary = config . primary ,
primary = config . primary ,
load_balancer_backend_address_pools = ( [ item . id for item in config . load_balancer_backend_address_pools ]
if config . load_balancer_backend_address_pools else None ) ,
public_ip_address = dict (
public_ip_address = dict (
id = config . public_ip_address . id ,
id = config . public_ip_address . id ,
name = azure_id_to_dict ( config . public_ip_address . id ) . get ( ' publicIPAddresses ' ) ,
name = azure_id_to_dict ( config . public_ip_address . id ) . get ( ' publicIPAddresses ' ) ,
@ -348,6 +373,7 @@ ip_configuration_spec = dict(
private_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
private_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
public_ip_address_name = dict ( type = ' str ' , aliases = [ ' public_ip_address ' , ' public_ip_name ' ] ) ,
public_ip_address_name = dict ( type = ' str ' , aliases = [ ' public_ip_address ' , ' public_ip_name ' ] ) ,
public_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
public_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
load_balancer_backend_address_pools = dict ( type = ' list ' ) ,
primary = dict ( type = ' bool ' , default = False )
primary = dict ( type = ' bool ' , default = False )
)
)
@ -360,15 +386,15 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
resource_group = dict ( type = ' str ' , required = True ) ,
resource_group = dict ( type = ' str ' , required = True ) ,
name = dict ( type = ' str ' , required = True ) ,
name = dict ( type = ' str ' , required = True ) ,
location = dict ( type = ' str ' ) ,
location = dict ( type = ' str ' ) ,
security_group_name = dict ( type = ' str ' , aliases = [ ' security_group ' ] ) ,
create_with_security_group = dict ( type = ' bool ' , default = True ) ,
security_group = dict ( type = ' raw ' , aliases = [ ' security_group_name ' ] ) ,
state = dict ( default = ' present ' , choices = [ ' present ' , ' absent ' ] ) ,
state = dict ( default = ' present ' , choices = [ ' present ' , ' absent ' ] ) ,
private_ip_address = dict ( type = ' str ' ) ,
private_ip_address = dict ( type = ' str ' ) ,
private_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
private_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
public_ip_address_name = dict ( type = ' str ' , aliases = [ ' public_ip_address ' , ' public_ip_name ' ] ) ,
public_ip_address_name = dict ( type = ' str ' , aliases = [ ' public_ip_address ' , ' public_ip_name ' ] ) ,
public_ip = dict ( type = ' bool ' , default = True ) ,
public_ip = dict ( type = ' bool ' , default = True ) ,
subnet_name = dict ( type = ' str ' , aliases = [ ' subnet ' ] ) ,
subnet_name = dict ( type = ' str ' , aliases = [ ' subnet ' ] ) ,
virtual_network_resource_group = dict ( type = ' str ' ) ,
virtual_network = dict ( type = ' raw ' , aliases = [ ' virtual_network_name ' ] ) ,
virtual_network_name = dict ( type = ' str ' , aliases = [ ' virtual_network ' ] ) ,
public_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
public_ip_allocation_method = dict ( type = ' str ' , choices = [ ' Dynamic ' , ' Static ' ] , default = ' Dynamic ' ) ,
ip_configurations = dict ( type = ' list ' , default = None , elements = ' dict ' , options = ip_configuration_spec ) ,
ip_configurations = dict ( type = ' list ' , default = None , elements = ' dict ' , options = ip_configuration_spec ) ,
os_type = dict ( type = ' str ' , choices = [ ' Windows ' , ' Linux ' ] , default = ' Linux ' ) ,
os_type = dict ( type = ' str ' , choices = [ ' Windows ' , ' Linux ' ] , default = ' Linux ' ) ,
@ -376,24 +402,23 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
)
)
required_if = [
required_if = [
( ' state ' , ' present ' , [ ' subnet_name ' , ' virtual_network _name ' ] )
( ' state ' , ' present ' , [ ' subnet_name ' , ' virtual_network ' ] )
]
]
self . resource_group = None
self . resource_group = None
self . name = None
self . name = None
self . location = None
self . location = None
self . security_group_name = None
self . create_with_security_group = None
self . security_group = None
self . private_ip_address = None
self . private_ip_address = None
self . private_ip_allocation_method = None
self . private_ip_allocation_method = None
self . public_ip_address_name = None
self . public_ip_address_name = None
self . public_ip = None
self . public_ip = None
self . subnet_name = None
self . subnet_name = None
self . virtual_network_resource_group = None
self . virtual_network = None
self . virtual_network_name = None
self . public_ip_allocation_method = None
self . public_ip_allocation_method = None
self . state = None
self . state = None
self . tags = None
self . tags = None
self . security_group_name = None
self . os_type = None
self . os_type = None
self . open_ports = None
self . open_ports = None
self . ip_configurations = None
self . ip_configurations = None
@ -423,15 +448,10 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
self . location = resource_group . location
self . location = resource_group . location
# parse the virtual network resource group and name
# parse the virtual network resource group and name
virtual_network_dict = parse_resource_id ( self . virtual_network_name )
self . virtual_network = self . parse_resource_to_dict ( self . virtual_network )
virtual_network_name = virtual_network_dict . get ( ' name ' )
virtual_network_resource_group = virtual_network_dict . get ( ' resource_group ' , self . virtual_network_resource_group )
if virtual_network_resource_group is None :
virtual_network_resource_group = self . resource_group
# if not set the security group name, use nic name for default
# if not set the security group name, use nic name for default
self . security_group _name = self . security_group_name or self . name
self . security_group = self . parse_resource_to_dict ( self . security_group or self . name )
if self . state == ' present ' and not self . ip_configurations :
if self . state == ' present ' and not self . ip_configurations :
# construct the ip_configurations array for compatiable
# construct the ip_configurations array for compatiable
@ -464,16 +484,21 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
if update_tags :
if update_tags :
changed = True
changed = True
nsg = self . get_security_group ( self . security_group_name )
if self . create_with_security_group != bool ( results . get ( ' network_security_group ' ) ) :
if nsg and results . get ( ' network_security_group ' ) and results [ ' network_security_group ' ] . get ( ' id ' ) != nsg . id :
self . log ( " CHANGED: add or remove network interface {0} network security group " . format ( self . name ) )
self . log ( " CHANGED: network interface {0} network security group " . format ( self . name ) )
changed = True
changed = True
if results [ ' ip_configurations ' ] [ 0 ] [ ' subnet ' ] [ ' virtual_network_name ' ] != virtual_network_name :
if not changed :
nsg = self . get_security_group ( self . security_group [ ' resource_group ' ] , self . security_group [ ' name ' ] )
if nsg and results . get ( ' network_security_group ' ) and results [ ' network_security_group ' ] . get ( ' id ' ) != nsg . id :
self . log ( " CHANGED: network interface {0} network security group " . format ( self . name ) )
changed = True
if results [ ' ip_configurations ' ] [ 0 ] [ ' subnet ' ] [ ' virtual_network_name ' ] != self . virtual_network [ ' name ' ] :
self . log ( " CHANGED: network interface {0} virtual network name " . format ( self . name ) )
self . log ( " CHANGED: network interface {0} virtual network name " . format ( self . name ) )
changed = True
changed = True
if results [ ' ip_configurations ' ] [ 0 ] [ ' subnet ' ] [ ' resource_group ' ] != virtual_network_resource_group :
if results [ ' ip_configurations ' ] [ 0 ] [ ' subnet ' ] [ ' resource_group ' ] != self . virtual_network [ ' resource_group ' ] :
self . log ( " CHANGED: network interface {0} virtual network resource group " . format ( self . name ) )
self . log ( " CHANGED: network interface {0} virtual network resource group " . format ( self . name ) )
changed = True
changed = True
@ -510,9 +535,9 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
if self . state == ' present ' :
if self . state == ' present ' :
subnet = self . network_models . SubResource (
subnet = self . network_models . SubResource (
' /subscriptions/ {0} /resourceGroups/ {1} /providers/Microsoft.Network/virtualNetworks/ {2} /subnets/ {3} ' . format (
' /subscriptions/ {0} /resourceGroups/ {1} /providers/Microsoft.Network/virtualNetworks/ {2} /subnets/ {3} ' . format (
self . subscription_id,
self . virtual_network[ ' subscription_id' ] ,
virtual_network_resource_group ,
self . virtual_network [ ' resource_group ' ] ,
virtual_network_name ,
self . virtual_network [ ' name ' ] ,
self . subnet_name ) )
self . subnet_name ) )
nic_ip_configurations = [
nic_ip_configurations = [
@ -522,15 +547,19 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
name = ip_config . get ( ' name ' ) ,
name = ip_config . get ( ' name ' ) ,
subnet = subnet ,
subnet = subnet ,
public_ip_address = self . get_or_create_public_ip_address ( ip_config ) ,
public_ip_address = self . get_or_create_public_ip_address ( ip_config ) ,
load_balancer_backend_address_pools = ( [ self . network_models . BackendAddressPool ( id = self . backend_addr_pool_id ( bap_id ) )
for bap_id in ip_config . get ( ' load_balancer_backend_address_pools ' ) ]
if ip_config . get ( ' load_balancer_backend_address_pools ' ) else None ) ,
primary = ip_config . get ( ' primary ' )
primary = ip_config . get ( ' primary ' )
) for ip_config in self . ip_configurations
) for ip_config in self . ip_configurations
]
]
nsg = self . create_default_securitygroup ( self . resource_group,
nsg = self . create_default_securitygroup ( self . security_group[ ' resource_group' ] ,
self . location ,
self . location ,
self . security_group _name ,
self . security_group [ ' name ' ] ,
self . os_type ,
self . os_type ,
self . open_ports )
self . open_ports ) if self . create_with_security_group else None
self . log ( ' Creating or updating network interface {0} ' . format ( self . name ) )
self . log ( ' Creating or updating network interface {0} ' . format ( self . name ) )
nic = self . network_models . NetworkInterface (
nic = self . network_models . NetworkInterface (
id = results [ ' id ' ] if results else None ,
id = results [ ' id ' ] if results else None ,
@ -590,19 +619,36 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
except Exception as exc :
except Exception as exc :
return None
return None
def get_security_group ( self , name) :
def get_security_group ( self , resource_group, name) :
self . log ( " Fetching security group {0} " . format ( name ) )
self . log ( " Fetching security group {0} " . format ( name ) )
try :
try :
return self . network_client . network_security_groups . get ( self . resource_group , name )
return self . network_client . network_security_groups . get ( resource_group , name )
except Exception as exc :
except Exception as exc :
return None
return None
def backend_addr_pool_id ( self , val ) :
if isinstance ( val , dict ) :
lb = val . get ( ' load_balancer ' , None )
name = val . get ( ' name ' , None )
if lb and name :
return resource_id ( subscription = self . subscription_id ,
resource_group = self . resource_group ,
namespace = ' Microsoft.Network ' ,
type = ' loadBalancers ' ,
name = lb ,
child_type_1 = ' backendAddressPools ' ,
child_name_1 = name )
return val
def construct_ip_configuration_set ( self , raw ) :
def construct_ip_configuration_set ( self , raw ) :
configurations = [ str ( dict (
configurations = [ str ( dict (
private_ip_allocation_method = to_native ( item . get ( ' private_ip_allocation_method ' ) ) ,
private_ip_allocation_method = to_native ( item . get ( ' private_ip_allocation_method ' ) ) ,
public_ip_address_name = ( to_native ( item . get ( ' public_ip_address ' ) . get ( ' name ' ) )
public_ip_address_name = ( to_native ( item . get ( ' public_ip_address ' ) . get ( ' name ' ) )
if item . get ( ' public_ip_address ' ) else to_native ( item . get ( ' public_ip_address_name ' ) ) ) ,
if item . get ( ' public_ip_address ' ) else to_native ( item . get ( ' public_ip_address_name ' ) ) ) ,
primary = item . get ( ' primary ' ) ,
primary = item . get ( ' primary ' ) ,
load_balancer_backend_address_pools = ( set ( [ to_native ( self . backend_addr_pool_id ( id ) )
for id in item . get ( ' load_balancer_backend_address_pools ' ) ] )
if item . get ( ' load_balancer_backend_address_pools ' ) else None ) ,
name = to_native ( item . get ( ' name ' ) )
name = to_native ( item . get ( ' name ' ) )
) ) for item in raw ]
) ) for item in raw ]
return set ( configurations )
return set ( configurations )
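Review bot: In the hunk that builds `nsg` (`self.create_default_securitygroup(...) if self.create_with_security_group else None`), an explicitly supplied `security_group` is dropped whenever `create_with_security_group` is false, so a playbook meaning "attach my existing NSG, do not create a default one" appears to end up with a NIC that has no NSG at all. The new change check `self.create_with_security_group != bool(results.get('network_security_group'))` would likewise mark an existing NIC as changed and seemingly detach its group on the next run. Because `public_ip` defaults to `True`, the result can be a publicly addressable interface with no NIC-level filtering unless the subnet carries its own NSG. The option text only says it controls whether a default group is created, so I would either honour a user-supplied group when the flag is false or state the behaviour in the docs, e.g. `- When set to C(false) no security group is attached to the NIC, even if I(security_group) is given.` The `NetworkInterface(...)` call that consumes `nsg` continues outside the visible hunk, so the attachment itself is inferred.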