--- - name: setup vpn customer gateway absent cs_vpn_customer_gateway: name: ansible_vpn_customer_gw state: absent register: vcg - name: verify setup vpn customer gateway absent assert: that: - vcg is successful - name: test create vpn customer gateway in check mode cs_vpn_customer_gateway: name: ansible_vpn_customer_gw cidr: 192.168.123.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.0.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y¼ esp_lifetime: 3600 check_mode: true register: vcg - name: verify test create vpn customer gateway in check mode assert: that: - vcg is changed - name: test create vpn customer gateway cs_vpn_customer_gateway: name: ansible_vpn_customer_gw cidr: 192.168.123.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.0.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y¼ esp_lifetime: 3600 register: vcg - name: verify test create vpn customer gateway assert: that: - vcg is changed - "vcg.cidrs == ['192.168.123.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 3600 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == false - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.0.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 86400 - name: test create vpn customer gateway idempotency cs_vpn_customer_gateway: name: ansible_vpn_customer_gw cidr: 192.168.123.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.0.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y¼ esp_lifetime: 3600 register: vcg - name: verify test create vpn customer gateway idempotency assert: that: - vcg is not changed - "vcg.cidrs == ['192.168.123.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 3600 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == false - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.0.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 86400 - name: test update vpn customer gateway in check mode cs_vpn_customer_gateway: name: ansible_vpn_customer_gw cidrs: - 192.168.123.0/24 - 192.168.124.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.1.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y@ esp_lifetime: 1800 ike_lifetime: 23200 force_encap: true check_mode: true register: vcg - name: verify test update vpn customer gateway in check mode assert: that: - vcg is changed - "vcg.cidrs == ['192.168.123.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 3600 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == false - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.0.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 86400 - name: test update vpn customer gateway cs_vpn_customer_gateway: name: ansible_vpn_customer_gw cidrs: - 192.168.123.0/24 - 192.168.124.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.1.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y@ esp_lifetime: 1800 ike_lifetime: 23200 force_encap: true register: vcg - name: verify test update vpn customer gateway assert: that: - vcg is changed - "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 1800 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == true - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.1.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 23200 - name: test update vpn customer gateway idempotence cs_vpn_customer_gateway: name: ansible_vpn_customer_gw cidrs: - 192.168.123.0/24 - 192.168.124.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.10.1.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y@ esp_lifetime: 1800 ike_lifetime: 23200 force_encap: true register: vcg - name: verify test update vpn customer gateway idempotence assert: that: - vcg is not changed - "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 1800 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == true - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.1.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 23200 - name: test remove vpn customer gateway in check mode cs_vpn_customer_gateway: name: ansible_vpn_customer_gw state: absent check_mode: true register: vcg - name: verify test remove vpn customer gateway in check mode assert: that: - vcg is changed - "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 1800 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == true - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.1.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 23200 - name: test remove vpn customer gateway cs_vpn_customer_gateway: name: ansible_vpn_customer_gw state: absent register: vcg - name: verify test remove vpn customer gateway assert: that: - vcg is changed - "vcg.cidrs == ['192.168.123.0/24', '192.168.124.0/24']" - vcg.dpd == false - vcg.esp_lifetime == 1800 - vcg.esp_policy == 'aes256-sha1;modp1536' - vcg.force_encap == true - vcg.ike_policy == 'aes256-sha1;modp1536' - vcg.gateway == '10.10.1.1' - vcg.name == 'ansible_vpn_customer_gw' - vcg.ike_lifetime == 23200 - name: test remove vpn customer gateway idempotence cs_vpn_customer_gateway: name: ansible_vpn_customer_gw state: absent register: vcg - name: verify test remove vpn customer gateway idempotence assert: that: - vcg is not changed