--- - name: setup vpc cs_vpc: name: my_vpc display_text: my_vpc cidr: 10.10.1.0/16 zone: "{{ cs_common_zone_adv }}" register: vpc - name: verify setup vpc assert: that: - vpc is successful - name: setup customer gateway cs_vpn_customer_gateway: name: my_vpn_customer_gateway cidr: 192.168.123.0/24 esp_policy: aes256-sha1;modp1536 gateway: 10.11.1.1 ike_policy: aes256-sha1;modp1536 ipsec_psk: ~S3¢r3Tk3Y¼ esp_lifetime: 3600 register: vcg - name: setup customer gateway assert: that: - vcg is successful - name: setup remove vpn connection cs_vpn_connection: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" state: absent register: vpn_conn - name: verify setup remove vpn connection assert: that: - vpn_conn is successful - name: setup vpn gateway absent cs_vpn_gateway: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" state: absent register: vpn_gateway - name: verify setup vpn gateway absent assert: that: - vpn_gateway is successful - name: test fail create vpn connection without gateway and force cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc zone: "{{ cs_common_zone_adv }}" ignore_errors: yes register: vpn_conn - name: verify test fail create vpn connection without gateway and force assert: that: - vpn_conn is failed - vpn_conn.msg == "VPN gateway not found and not forced to create one" - name: test create vpn connection with force in check mode cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc force: yes zone: "{{ cs_common_zone_adv }}" check_mode: yes register: vpn_conn - name: verify test create vpn connection with force in check mode assert: that: - vpn_conn is changed - name: test create vpn connection with force cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc force: yes zone: "{{ cs_common_zone_adv }}" register: vpn_conn - name: verify test create vpn connection with force assert: that: - vpn_conn is changed - vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway" - vpn_conn.vpc == "my_vpc" - name: test create vpn connection with force idempotence cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc force: yes zone: "{{ cs_common_zone_adv }}" register: vpn_conn - name: verify test create vpn connection with force idempotence assert: that: - vpn_conn is not changed - vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway" - vpn_conn.vpc == "my_vpc" - name: test remove vpn connection in check mode cs_vpn_connection: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" state: absent check_mode: yes register: vpn_conn - name: verify test remove vpn connection in check mode assert: that: - vpn_conn is changed - vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway" - vpn_conn.vpc == "my_vpc" - name: test remove vpn connection cs_vpn_connection: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" state: absent register: vpn_conn - name: verify test remove vpn connection assert: that: - vpn_conn is changed - vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway" - vpn_conn.vpc == "my_vpc" - name: test remove vpn connection idempotence cs_vpn_connection: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" state: absent register: vpn_conn - name: verify test remove vpn connection idempotence assert: that: - vpn_conn is not changed - name: setup create vpn gateway cs_vpn_gateway: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" register: vpn_gateway - name: verify setup create vpn gateway assert: that: - vpn_gateway is success - name: test create vpn connection without force in check mode cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc zone: "{{ cs_common_zone_adv }}" check_mode: yes register: vpn_conn - name: verify test create vpn connection without force in check mode assert: that: - vpn_conn is changed - name: test create vpn connection without force cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc zone: "{{ cs_common_zone_adv }}" register: vpn_conn - name: verify test create vpn connection without force assert: that: - vpn_conn is changed - vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway" - vpn_conn.vpc == "my_vpc" - name: test create vpn connection without force cs_vpn_connection: vpn_customer_gateway: my_vpn_customer_gateway vpc: my_vpc zone: "{{ cs_common_zone_adv }}" register: vpn_conn - name: verify test create vpn connection without force assert: that: - vpn_conn is not changed - vpn_conn.vpn_customer_gateway == "my_vpn_customer_gateway" - vpn_conn.vpc == "my_vpc" - name: cleanup remove vpn connection cs_vpn_connection: vpc: my_vpc zone: "{{ cs_common_zone_adv }}" state: absent register: vpn_conn - name: verify cleanup remove vpn connection idempotence assert: that: - vpn_conn is successful