| Parameter |
Choices/Defaults |
Comments |
|
ad_user
string
|
|
Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
|
|
adfs_authority_url
string
added in 2.6 |
|
Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority.
|
|
api_profile
string
added in 2.5 |
Default:
"latest"
|
Selects an API profile to use when communicating with Azure services. Default value of latest is appropriate for public clouds; future values will allow use with Azure Stack.
|
|
append_tags
boolean
|
|
Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
|
|
auth_source
string
added in 2.5 |
Choices:
- auto
- cli
- credential_file
- env
- msi
|
Controls the source of the credentials to use for authentication.
If not specified, ANSIBLE_AZURE_AUTH_SOURCE environment variable will be used and default to auto if variable is not defined.
auto will follow the default precedence of module parameters -> environment variables -> default profile in credential file ~/.azure/credentials.
When set to cli, the credentials will be sources from the default Azure CLI profile.
Can also be set via the ANSIBLE_AZURE_AUTH_SOURCE environment variable.
When set to msi, the host machine must be an azure resource with an enabled MSI extension. subscription_id or the environment variable AZURE_SUBSCRIPTION_ID can be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen.
The msi was added in Ansible 2.6.
|
|
authentication_certificates
-
|
|
Authentication certificates of the application gateway resource.
|
|
data
-
|
|
Certificate public data - base64 encoded pfx.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
backend_address_pools
-
|
|
List of backend address pool of the application gateway resource.
|
|
backend_addresses
-
|
|
List of backend addresses.
|
|
|
fqdn
-
|
|
Fully qualified domain name (FQDN).
|
|
|
ip_address
-
|
|
IP address.
|
|
name
-
|
|
Resource that is unique within a resource group. This name can be used to access the resource.
|
|
backend_http_settings_collection
-
|
|
Backend http settings of the application gateway resource.
|
|
affinity_cookie_name
-
|
|
Cookie name to use for the affinity cookie.
|
|
authentication_certificates
-
|
|
List of references to application gateway authentication certificates.
Applicable only when cookie_based_affinity is enabled, otherwise quietly ignored.
|
|
|
id
-
|
|
Resource ID.
|
|
cookie_based_affinity
-
|
Choices:
- enabled
- disabled
|
Cookie based affinity.
|
|
host_name
-
|
|
Host header to be sent to the backend servers.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
path
-
|
|
Path which should be used as a prefix for all http requests.
Null means no path will be prefixed. Default value is null.
|
|
pick_host_name_from_backend_address
-
|
|
Whether to pick host header should be picked from the host name of the backend server. Default value is false.
|
|
port
-
|
|
The destination port on the backend.
|
|
probe
-
|
|
Probe resource of an application gateway.
|
|
protocol
-
|
|
The protocol used to communicate with the backend.
|
|
request_timeout
-
|
|
Request timeout in seconds.
Application Gateway will fail the request if response is not received within RequestTimeout.
Acceptable values are from 1 second to 86400 seconds.
|
|
cert_validation_mode
string
added in 2.5 |
|
Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing ignore. Can also be set via credential file profile or the AZURE_CERT_VALIDATION environment variable.
|
|
client_id
string
|
|
Azure client ID. Use when authenticating with a Service Principal.
|
|
cloud_environment
string
added in 2.4 |
Default:
"AzureCloud"
|
For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, AzureChinaCloud, AzureUSGovernment), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the AZURE_CLOUD_ENVIRONMENT environment variable.
|
|
frontend_ip_configurations
-
|
|
Frontend IP addresses of the application gateway resource.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
private_ip_address
-
|
|
PrivateIPAddress of the network interface IP Configuration.
|
|
private_ip_allocation_method
-
|
|
PrivateIP allocation method.
|
|
public_ip_address
-
|
|
Reference of the PublicIP resource.
|
|
subnet
-
|
|
Reference of the subnet resource.
|
|
frontend_ports
-
|
|
List of frontend ports of the application gateway resource.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
port
-
|
|
Frontend port.
|
|
gateway_ip_configurations
-
|
|
List of subnets used by the application gateway.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
subnet
-
|
|
Reference of the subnet resource. A subnet from where application gateway gets its private address.
|
|
http_listeners
-
|
|
List of HTTP listeners of the application gateway resource.
|
|
frontend_ip_configuration
-
|
|
Frontend IP configuration resource of an application gateway.
|
|
frontend_port
-
|
|
Frontend port resource of an application gateway.
|
|
host_name
-
|
|
Host name of http listener.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
protocol
-
|
|
Protocol of the c(http) listener.
|
|
require_server_name_indication
-
|
|
Applicable only if protocol is https. Enables SNI for multi-hosting.
|
|
ssl_certificate
-
|
|
SSL certificate resource of an application gateway.
|
|
location
-
|
|
Resource location. If not set, location from the resource group will be used as default.
|
|
name
-
/ required
|
|
The name of the application gateway.
|
|
password
string
|
|
Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
|
|
probes
-
added in 2.8 |
|
Probes available to the application gateway resource.
|
|
host
-
|
|
Host name to send the probe to.
|
|
interval
-
|
|
The probing interval in seconds.
This is the time interval between two consecutive probes.
Acceptable values are from 1 second to 86400 seconds.
|
|
name
-
|
|
Name of the probe that is unique within an Application Gateway.
|
|
path
-
|
|
Relative path of probe.
Valid path starts from '/'.
Probe is sent to <Protocol>://<host>:<port><path>.
|
|
protocol
-
|
|
The protocol used for the probe.
|
|
timeout
-
|
|
The probe timeout in seconds.
Probe marked as failed if valid response is not received with this timeout period.
Acceptable values are from 1 second to 86400 seconds.
|
|
unhealthy_threshold
-
|
|
The probe retry count.
Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold.
Acceptable values are from 1 second to 20.
|
|
profile
string
|
|
Security profile found in ~/.azure/credentials file.
|
|
redirect_configurations
-
added in 2.8 |
|
Redirect configurations of the application gateway resource.
|
|
include_path
-
|
|
Include path in the redirected url.
|
|
include_query_string
-
|
|
Include query string in the redirected url.
|
|
name
-
|
|
Name of the resource that is unique within a resource group.
|
|
redirect_type
-
|
Choices:
- permanent
- found
- see_other
- temporary
|
Redirection type.
|
|
target_listener
-
|
|
Reference to a listener to redirect the request to.
|
|
request_routing_rules
-
|
|
List of request routing rules of the application gateway resource.
|
|
backend_address_pool
-
|
|
Backend address pool resource of the application gateway.
|
|
backend_http_settings
-
|
|
Backend http settings resource of the application gateway.
|
|
http_listener
-
|
|
Http listener resource of the application gateway.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
redirect_configuration
-
|
|
Redirect configuration resource of the application gateway.
|
|
rule_type
-
|
Choices:
- basic
- path_based_routing
|
Rule type.
|
|
resource_group
-
/ required
|
|
The name of the resource group.
|
|
secret
string
|
|
Azure client secret. Use when authenticating with a Service Principal.
|
|
sku
-
|
|
SKU of the application gateway resource.
|
|
capacity
-
|
|
Capacity (instance count) of an application gateway.
|
|
name
-
|
Choices:
- standard_small
- standard_medium
- standard_large
- waf_medium
- waf_large
|
Name of an application gateway SKU.
|
|
tier
-
|
|
Tier of an application gateway.
|
|
ssl_certificates
-
|
|
SSL certificates of the application gateway resource.
|
|
data
-
|
|
Base-64 encoded pfx certificate.
Only applicable in PUT Request.
|
|
name
-
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
password
-
|
|
Password for the pfx file specified in data.
Only applicable in PUT request.
|
|
ssl_policy
-
|
|
SSL policy of the application gateway resource.
|
|
cipher_suites
-
|
Choices:
- tls_ecdhe_rsa_with_aes_256_gcm_sha384
- tls_ecdhe_rsa_with_aes_128_gcm_sha256
- tls_ecdhe_rsa_with_aes_256_cbc_sha384
- tls_ecdhe_rsa_with_aes_128_cbc_sha256
- tls_ecdhe_rsa_with_aes_256_cbc_sha
- tls_ecdhe_rsa_with_aes_128_cbc_sha
- tls_dhe_rsa_with_aes_256_gcm_sha384
- tls_dhe_rsa_with_aes_128_gcm_sha256
- tls_dhe_rsa_with_aes_256_cbc_sha
- tls_dhe_rsa_with_aes_128_cbc_sha
- tls_rsa_with_aes_256_gcm_sha384
- tls_rsa_with_aes_128_gcm_sha256
- tls_rsa_with_aes_256_cbc_sha256
- tls_rsa_with_aes_128_cbc_sha256
- tls_rsa_with_aes_256_cbc_sha
- tls_rsa_with_aes_128_cbc_sha
- tls_ecdhe_ecdsa_with_aes_256_gcm_sha384
- tls_ecdhe_ecdsa_with_aes_128_gcm_sha256
- tls_ecdhe_ecdsa_with_aes_256_cbc_sha384
- tls_ecdhe_ecdsa_with_aes_128_cbc_sha256
- tls_ecdhe_ecdsa_with_aes_256_cbc_sha
- tls_ecdhe_ecdsa_with_aes_128_cbc_sha
- tls_dhe_dss_with_aes_256_cbc_sha256
- tls_dhe_dss_with_aes_128_cbc_sha256
- tls_dhe_dss_with_aes_256_cbc_sha
- tls_dhe_dss_with_aes_128_cbc_sha
- tls_rsa_with_3des_ede_cbc_sha
- tls_dhe_dss_with_3des_ede_cbc_sha
|
List of SSL cipher suites to be enabled in the specified order to application gateway.
|
|
disabled_ssl_protocols
-
|
Choices:
- tls_v1_0
- tls_v1_1
- tls_v1_2
|
List of SSL protocols to be disabled on application gateway.
|
|
min_protocol_version
-
|
Choices:
- tls_v1_0
- tls_v1_1
- tls_v1_2
|
Minimum version of Ssl protocol to be supported on application gateway.
|
|
policy_name
-
|
Choices:
- ssl_policy20150501
- ssl_policy20170401
- ssl_policy20170401_s
|
Name of Ssl predefined policy.
|
|
policy_type
-
|
Choices:
- predefined
- custom
|
Type of SSL Policy.
|
|
state
-
|
Choices:
- absent
present ←
|
Assert the state of the Public IP. Use present to create or update a and absent to delete.
|
|
subscription_id
string
|
|
Your Azure subscription Id.
|
|
tags
dictionary
|
|
Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false.
|
|
tenant
string
|
|
Azure tenant ID. Use when authenticating with a Service Principal.
|
