gce_net - create/destroy GCE networks and firewall rules

Author: Eric Johnson <erjohnso@google.com>

Synopsis

New in version 1.5.

This module can create and destroy Google Compute Engine networks and firewall rules (https://developers.google.com/compute/docs/networking). The name parameter is reserved for referencing a network, while the fwname parameter is used to reference firewall rules. IPv4 address ranges must be specified in CIDR format (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing). Full install/configuration instructions for the gce* modules can be found in the comments of ansible/test/gce_tests.py.

Options

parameter required default choices comments
allowed no
    the protocol:ports to allow ('tcp:80' or 'tcp:80,443' or 'tcp:80-800')
fwname no
    name of the firewall rule
ipv4_range no
    the IPv4 address range in CIDR notation for the network
name no
    name of the network
pem_file no
    path to the pem file associated with the service account email (added in Ansible 1.6)
project_id no
    your GCE project ID (added in Ansible 1.6)
service_account_email no
    service account email (added in Ansible 1.6)
src_range no
    the source IPv4 address range in CIDR notation
src_tags no
    the source instance tags for creating a firewall rule
state no present
    • active
    • present
    • absent
    • deleted
    desired state of the persistent disk

Note

Requires libcloud

Examples

    # Simple example of creating a new network
    - local_action:
        module: gce_net
        name: privatenet
        ipv4_range: '10.240.16.0/24'

    # Simple example of creating a new firewall rule
    - local_action:
        module: gce_net
        name: privatenet
        # fwname references the firewall rule (example value)
        fwname: all-web-webproxy
        allowed: tcp:80,8080
        src_tags: ["web", "proxy"]
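A fuller playbook that combines the parameters above: one rule scoped by source tag, one scoped by source CIDR range, and removal of a rule by its fwname. This is an added example, not part of the module's own documentation; the rule names and address ranges are constructed, and the list form of src_range is assumed to mirror the src_tags form shown above.

```yaml
# Added example: names and address ranges below are constructed.
- hosts: localhost
  connection: local
  gather_facts: no
  tasks:
    - name: create the network
      local_action:
        module: gce_net
        name: privatenet
        ipv4_range: '10.240.16.0/24'

    # Web ports reachable only from instances tagged "proxy".
    - name: allow web traffic from tagged instances
      local_action:
        module: gce_net
        name: privatenet
        fwname: privatenet-allow-web
        allowed: 'tcp:80,443'
        src_tags: ["proxy"]

    # A port range limited to a single source CIDR block.
    - name: allow a port range from one address range
      local_action:
        module: gce_net
        name: privatenet
        fwname: privatenet-allow-range
        allowed: 'tcp:8000-8100'
        src_range: ['192.0.2.0/24']

    # Rules are referenced by fwname, so removal needs only that name.
    - name: remove the port-range rule when it is no longer needed
      local_action:
        module: gce_net
        fwname: privatenet-allow-range
        state: absent
```

Giving every rule an explicit fwname and an explicit src_tags or src_range keeps the rule set auditable and makes each rule removable by name.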