azure_rm_networkinterface - Manage Azure network interfaces.

New in version 2.1.

Synopsis

  • Create, update or delete a network interface. When creating a network interface you must provide the name of an existing virtual network and the name of an existing subnet within that virtual network. A default security group and public IP address will be created automatically, or you can provide the name of an existing security group and public IP address. See the examples below for more details.

Requirements (on host that executes module)

  • python >= 2.7
  • azure >= 2.0.0

Options

| parameter | required | default | choices | comments |
|---|---|---|---|---|
| ad_user | no | | | Active Directory username. Use when authenticating with an Active Directory user rather than service principal. |
| append_tags | no | True | | Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata. |
| client_id | no | | | Azure client ID. Use when authenticating with a Service Principal. |
| cloud_environment | no | AzureCloud | | For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, e.g., AzureChinaCloud, AzureUSGovernment), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the AZURE_CLOUD_ENVIRONMENT environment variable. |
| location | no | resource_group location | | Valid Azure location. Defaults to location of the resource group. |
| name | yes | | | Name of the network interface. |
| open_ports | no | | | When a default security group is created for a Linux host a rule will be added allowing inbound TCP connections to the default SSH port 22, and for a Windows host rules will be added allowing inbound access to RDP ports 3389 and 5986. Override the default ports by providing a list of open ports. |
| os_type | no | Linux | Windows, Linux | Determines any rules to be added to a default security group. When creating a network interface, if no security group name is provided, a default security group will be created. If the os_type is 'Windows', a rule will be added allowing RDP access. If the os_type is 'Linux', a rule allowing SSH access will be added. |
| password | no | | | Active Directory user password. Use when authenticating with an Active Directory user rather than service principal. |
| private_ip_address | no | | | Valid IPv4 address that falls within the specified subnet. |
| private_ip_allocation_method | no | Dynamic | Dynamic, Static | Specify whether or not the assigned IP address is permanent. NOTE: when creating a network interface, specifying a value of 'Static' requires that a private_ip_address value be provided. You can update the allocation method to 'Static' after a dynamic private IP address has been assigned. |
| profile | no | | | Security profile found in ~/.azure/credentials file. |
| public_ip | no | True | | When creating a network interface, if no public IP address name is provided a default public IP address will be created. Set to false if you do not want a public IP address automatically created. |
| public_ip_address_name | no | | | Name of an existing public IP address object to associate with the security group. aliases: public_ip_address, public_ip_name |
| public_ip_allocation_method | no | Dynamic | Dynamic, Static | If a public_ip_address_name is not provided, a default public IP address will be created. The allocation method determines whether or not the public IP address assigned to the network interface is permanent. |
| resource_group | yes | | | Name of a resource group where the network interface exists or will be created. |
| secret | no | | | Azure client secret. Use when authenticating with a Service Principal. |
| security_group_name | no | | | Name of an existing security group with which to associate the network interface. If not provided, a default security group will be created. aliases: security_group |
| state | no | present | absent, present | Assert the state of the network interface. Use 'present' to create or update an interface and 'absent' to delete an interface. |
| subnet_name | yes | | | Name of an existing subnet within the specified virtual network. Required when creating a network interface. aliases: subnet |
| subscription_id | no | | | Your Azure subscription ID. |
| tags | no | | | Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false. |
| tenant | no | | | Azure tenant ID. Use when authenticating with a Service Principal. |
| virtual_network_name | yes | | | Name of an existing virtual network with which the network interface will be associated. Required when creating a network interface. aliases: virtual_network |

Examples

- name: Create a network interface with minimal parameters
  azure_rm_networkinterface:
        name: nic001
        resource_group: Testing
        virtual_network_name: vnet001
        subnet_name: subnet001

- name: Create a network interface with private IP address only (no Public IP)
  azure_rm_networkinterface:
        name: nic001
        resource_group: Testing
        virtual_network_name: vnet001
        subnet_name: subnet001
        public_ip: no

- name: Create a network interface for use in a Windows host (opens RDP port) with custom RDP port
  azure_rm_networkinterface:
        name: nic002
        resource_group: Testing
        virtual_network_name: vnet001
        subnet_name: subnet001
        os_type: Windows
        # open_ports replaces the default Windows ports (3389 and 5986)
        open_ports:
          - 3399

- name: Create a network interface using existing security group and public IP
  azure_rm_networkinterface:
        name: nic003
        resource_group: Testing
        virtual_network_name: vnet001
        subnet_name: subnet001
        security_group_name: secgroup001
        public_ip_address_name: publicip001

- name: Delete network interface
  azure_rm_networkinterface:
        resource_group: Testing
        name: nic003
        state: absent
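
The defaults described in the options table decide what a task creates when security_group_name and public_ip_address_name are left out. The following is an added example, not code from the module or the Ansible project: a small Python check that reports those implicit resources and any literal credential for one task's arguments. The function name, finding codes and sample tasks are assumptions made for illustration.

```python
# Added example: models the defaults documented above; not the module's code.
DEFAULT_PORTS = {"Linux": [22], "Windows": [3389, 5986]}  # per open_ports / os_type
CREDENTIAL_OPTIONS = ("secret", "password")
ALIASES = {  # aliases listed in the options table
    "security_group": "security_group_name",
    "public_ip_address": "public_ip_address_name",
    "public_ip_name": "public_ip_address_name",
}


def _as_bool(value):
    """Interpret YAML/Ansible style booleans such as 'no' or 'yes'."""
    if isinstance(value, str):
        return value.strip().lower() in ("yes", "true", "on", "1")
    return bool(value)


def audit_nic_task(args):
    """Return (code, detail) findings for one task's module arguments."""
    a = {ALIASES.get(k, k): v for k, v in args.items()}
    findings = []
    # Inline credentials are checked for every state, including 'absent'.
    for opt in CREDENTIAL_OPTIONS:
        # Heuristic (assumption): a '{{ ... }}' value is a variable reference.
        if opt in a and "{{" not in str(a[opt]):
            findings.append(("inline-credential", opt))
    if a.get("state", "present") == "absent":
        return findings  # deleting an interface creates nothing
    if not a.get("security_group_name"):
        ports = a.get("open_ports") or DEFAULT_PORTS[a.get("os_type", "Linux")]
        findings.append(("default-security-group", [int(p) for p in ports]))
    if _as_bool(a.get("public_ip", True)) and not a.get("public_ip_address_name"):
        findings.append(("default-public-ip", "created automatically"))
    return findings


# Constructed sample tasks, modelled on the examples above.
SAMPLE_TASKS = {
    "minimal": {"name": "nic001", "resource_group": "Testing",
                "virtual_network_name": "vnet001", "subnet_name": "subnet001"},
    "existing": {"name": "nic003", "resource_group": "Testing",
                 "virtual_network_name": "vnet001", "subnet_name": "subnet001",
                 "security_group": "secgroup001", "public_ip_name": "publicip001"},
}

if __name__ == "__main__":
    for label, task in SAMPLE_TASKS.items():
        print(label, audit_nic_task(task))
```

The minimal task yields both a default security group opening port 22 and an automatically created public IP address; the task that names an existing security group and public IP address yields no findings.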

Return Values

Common return values are documented in Return Values; the following are the fields unique to this module:

| name | description | returned | type | sample |
|---|---|---|---|---|
| state | The current state of the network interface. | always | dict | {'dns_settings': {'dns_servers': [], 'internal_fqdn': None, 'internal_dns_name_label': None, 'applied_dns_servers': []}, 'name': 'nic003', 'tags': None, 'primary': None, 'enable_ip_forwarding': False, 'etag': 'W/"be115a43-2148-4545-a324-f33ad444c926"', 'location': 'eastus2', 'mac_address': None, 'ip_configuration': {'private_ip_address': '10.1.0.10', 'private_ip_allocation_method': 'Static', 'public_ip_address': {'id': '/subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/publicIPAddresses/publicip001', 'name': 'publicip001'}, 'name': 'default', 'subnet': {}}, 'provisioning_state': 'Succeeded', 'type': 'Microsoft.Network/networkInterfaces', 'id': '/subscriptions/XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX/resourceGroups/Testing/providers/Microsoft.Network/networkInterfaces/nic003', 'network_security_group': {}} |

Notes

  • For authentication with Azure you can pass parameters, set environment variables or use a profile stored in ~/.azure/credentials. Authentication is possible using a service principal or Active Directory user. To authenticate via service principal, pass subscription_id, client_id, secret and tenant or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.
  • To authenticate via Active Directory user, pass ad_user and password, or set AZURE_AD_USER and AZURE_PASSWORD in the environment.
  • Alternatively, credentials can be stored in ~/.azure/credentials. This is an ini file containing a [default] section and the following keys: subscription_id, client_id, secret and tenant or subscription_id, ad_user and password. It is also possible to add additional profiles. Specify the profile by passing profile or setting AZURE_PROFILE in the environment.
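
The credentials file described in these notes holds long-lived secrets, so it is worth checking before a playbook relies on it. The following is an added example, not code from the module or the Ansible project: it parses an ini file in the documented layout, classifies each profile by the key sets named above, and reports whether the file is restricted to its owner. The owner-only permission check, the function name and the sample contents are assumptions made for illustration.

```python
import configparser
import os
import stat

# Key sets named in the note above.
SERVICE_PRINCIPAL = {"subscription_id", "client_id", "secret", "tenant"}
AD_USER = {"subscription_id", "ad_user", "password"}


def check_credentials_file(path):
    """Classify each profile and report whether the file is owner-only."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    # interpolation=None: a '%' inside a secret must be read literally.
    parser = configparser.ConfigParser(interpolation=None)
    with open(path) as handle:
        parser.read_file(handle)
    profiles = {}
    for name in parser.sections():
        keys = {k for k, v in parser[name].items() if v.strip()}
        if SERVICE_PRINCIPAL <= keys:
            profiles[name] = "service_principal"
        elif AD_USER <= keys:
            profiles[name] = "ad_user"
        else:
            profiles[name] = "incomplete"
    return {
        "owner_only": mode & 0o077 == 0,  # no group/other permission bits
        "has_default": "default" in profiles,
        "profiles": profiles,
    }


# Constructed sample file; every value is a placeholder.
SAMPLE = """\
[default]
subscription_id = 00000000-0000-0000-0000-000000000000
client_id = 11111111-1111-1111-1111-111111111111
secret = placeholder%secret
tenant = 22222222-2222-2222-2222-222222222222

[lab]
subscription_id = 00000000-0000-0000-0000-000000000000
ad_user = user@example.com
"""

if __name__ == "__main__":
    import tempfile
    with tempfile.NamedTemporaryFile("w", suffix=".ini", delete=False) as tmp:
        tmp.write(SAMPLE)
    os.chmod(tmp.name, 0o600)
    print(check_credentials_file(tmp.name))
    os.remove(tmp.name)
```

The constructed [lab] profile is reported as incomplete because it has ad_user but no password.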

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/azure_rm_networkinterface_module.html