ansible/cloud/amazon/ec2_customer_gateway.py

267 lines
8.7 KiB
Python

#!/usr/bin/python
#
# This is a free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This Ansible library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this library. If not, see <http://www.gnu.org/licenses/>.
DOCUMENTATION = '''
---
module: ec2_customer_gateway
short_description: Manage an AWS customer gateway
description:
- Manage an AWS customer gateway
version_added: "2.2"
author: Michael Baydoun (@MichaelBaydoun)
requirements: [ botocore, boto3 ]
notes:
- You cannot create more than one customer gateway with the same IP address. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources.
- Return values contain customer_gateway and customer_gateways keys which are identical dicts. You should use
customer_gateway. See U(https://github.com/ansible/ansible-modules-extras/issues/2773) for details.
options:
bgp_asn:
description:
- Border Gateway Protocol (BGP) Autonomous System Number (ASN), required when state=present.
required: false
default: null
ip_address:
description:
- Internet-routable IP address for customers gateway, must be a static address.
required: true
name:
description:
- Name of the customer gateway.
required: true
state:
description:
- Create or terminate the Customer Gateway.
required: false
default: present
choices: [ 'present', 'absent' ]
extends_documentation_fragment:
- aws
- ec2
'''
EXAMPLES = '''
# Create Customer Gateway
- ec2_customer_gateway:
bgp_asn: 12345
ip_address: 1.2.3.4
name: IndianapolisOffice
region: us-east-1
register: cgw
# Delete Customer Gateway
- ec2_customer_gateway:
ip_address: 1.2.3.4
name: IndianapolisOffice
state: absent
region: us-east-1
register: cgw
'''
RETURN = '''
gateway.customer_gateways:
description: details about the gateway that was created.
returned: success
type: complex
contains:
bgp_asn:
description: The Border Gateway Autonomous System Number.
returned: when exists and gateway is available.
sample: 65123
type: string
customer_gateway_id:
description: gateway id assigned by amazon.
returned: when exists and gateway is available.
sample: cgw-cb6386a2
type: string
ip_address:
description: ip address of your gateway device.
returned: when exists and gateway is available.
sample: 1.2.3.4
type: string
state:
description: state of gateway.
returned: when gateway exists and is available.
state: available
type: string
tags:
description: any tags on the gateway.
returned: when gateway exists and is available, and when tags exist.
state: available
type: string
type:
description: encryption type.
returned: when gateway exists and is available.
sample: ipsec.1
type: string
'''
try:
from botocore.exceptions import ClientError
HAS_BOTOCORE = True
except ImportError:
HAS_BOTOCORE = False
try:
import boto3
HAS_BOTO3 = True
except ImportError:
HAS_BOTO3 = False
class Ec2CustomerGatewayManager:
def __init__(self, module):
self.module = module
try:
region, ec2_url, aws_connect_kwargs = get_aws_connection_info(module, boto3=True)
if not region:
module.fail_json(msg="Region must be specified as a parameter, in EC2_REGION or AWS_REGION environment variables or in boto configuration file")
self.ec2 = boto3_conn(module, conn_type='client', resource='ec2', region=region, endpoint=ec2_url, **aws_connect_kwargs)
except ClientError, e:
module.fail_json(msg=e.message)
def ensure_cgw_absent(self, gw_id):
response = self.ec2.delete_customer_gateway(
DryRun=False,
CustomerGatewayId=gw_id
)
return response
def ensure_cgw_present(self, bgp_asn, ip_address):
response = self.ec2.create_customer_gateway(
DryRun=False,
Type='ipsec.1',
PublicIp=ip_address,
BgpAsn=bgp_asn,
)
return response
def tag_cgw_name(self, gw_id, name):
response = self.ec2.create_tags(
DryRun=False,
Resources=[
gw_id,
],
Tags=[
{
'Key': 'Name',
'Value': name
},
]
)
return response
def describe_gateways(self, ip_address):
response = self.ec2.describe_customer_gateways(
DryRun=False,
Filters=[
{
'Name': 'state',
'Values': [
'available',
]
},
{
'Name': 'ip-address',
'Values': [
ip_address,
]
}
]
)
return response
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(
bgp_asn=dict(required=False, type='int'),
ip_address=dict(required=True),
name=dict(required=True),
state=dict(default='present', choices=['present', 'absent']),
)
)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
('state', 'present', ['bgp_arn'])
]
)
if not HAS_BOTOCORE:
module.fail_json(msg='botocore is required.')
if not HAS_BOTO3:
module.fail_json(msg='boto3 is required.')
gw_mgr = Ec2CustomerGatewayManager(module)
bgp_asn = module.params.get('bgp_asn')
ip_address = module.params.get('ip_address')
name = module.params.get('name')
existing = gw_mgr.describe_gateways(module.params['ip_address'])
# describe_gateways returns a key of CustomerGateways where as create_gateway returns a
# key of CustomerGateway. For consistency, change it here
existing['CustomerGateway'] = existing['CustomerGateways']
results = dict(changed=False)
if module.params['state'] == 'present':
if existing['CustomerGateway']:
results['gateway'] = existing
if existing['CustomerGateway'][0]['Tags']:
tag_array = existing['CustomerGateway'][0]['Tags']
for key, value in enumerate(tag_array):
if value['Key'] == 'Name':
current_name = value['Value']
if current_name != name:
results['name'] = gw_mgr.tag_cgw_name(
results['gateway']['CustomerGateway'][0]['CustomerGatewayId'],
module.params['name'],
)
results['changed'] = True
else:
if not module.check_mode:
results['gateway'] = gw_mgr.ensure_cgw_present(
module.params['bgp_asn'],
module.params['ip_address'],
)
results['name'] = gw_mgr.tag_cgw_name(
results['gateway']['CustomerGateway']['CustomerGatewayId'],
module.params['name'],
)
results['changed'] = True
elif module.params['state'] == 'absent':
if existing['CustomerGateway']:
results['gateway'] = existing
if not module.check_mode:
results['gateway'] = gw_mgr.ensure_cgw_absent(
existing['CustomerGateway'][0]['CustomerGatewayId']
)
results['changed'] = True
pretty_results = camel_dict_to_snake_dict(results)
module.exit_json(**pretty_results)
# import module methods
from ansible.module_utils.basic import *
from ansible.module_utils.ec2 import *
if __name__ == '__main__':
main()