Parameter |
Choices/Defaults |
Comments |
ad_user
string
|
|
Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
|
adfs_authority_url
string
added in 0.0.1 of azure.azcollection
|
|
Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority.
|
api_profile
string
added in 0.0.1 of azure.azcollection
|
Default:
"latest"
|
Selects an API profile to use when communicating with Azure services. Default value of latest is appropriate for public clouds; future values will allow use with Azure Stack.
|
append_tags
boolean
|
|
Use to control if tags field is canonical or just appends to existing tags.
When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
|
auth_source
string
added in 0.0.1 of azure.azcollection
|
Choices:
auto ←
- cli
- credential_file
- env
- msi
|
Controls the source of the credentials to use for authentication.
Can also be set via the ANSIBLE_AZURE_AUTH_SOURCE environment variable.
When set to auto (the default) the precedence is module parameters -> env -> credential_file -> cli .
When set to env , the credentials will be read from the environment variables
When set to credential_file , it will read the profile from ~/.azure/credentials .
When set to cli , the credentials will be sources from the Azure CLI profile. subscription_id or the environment variable AZURE_SUBSCRIPTION_ID can be used to identify the subscription ID if more than one is present otherwise the default az cli subscription is used.
When set to msi , the host machine must be an azure resource with an enabled MSI extension. subscription_id or the environment variable AZURE_SUBSCRIPTION_ID can be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen.
The msi was added in Ansible 2.6.
|
authentication_certificates
string
|
|
Authentication certificates of the application gateway resource.
|
|
data
string
|
|
Certificate public data - base64 encoded pfx.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
backend_address_pools
string
|
|
List of backend address pool of the application gateway resource.
|
|
backend_addresses
string
|
|
List of backend addresses.
|
|
|
fqdn
string
|
|
Fully qualified domain name (FQDN).
|
|
|
ip_address
string
|
|
IP address.
|
|
name
string
|
|
Resource that is unique within a resource group. This name can be used to access the resource.
|
backend_http_settings_collection
string
|
|
Backend http settings of the application gateway resource.
|
|
affinity_cookie_name
string
|
|
Cookie name to use for the affinity cookie.
|
|
authentication_certificates
string
|
|
List of references to application gateway authentication certificates.
Applicable only when cookie_based_affinity is enabled, otherwise quietly ignored.
|
|
|
id
string
|
|
Resource ID.
|
|
cookie_based_affinity
string
|
Choices:
- enabled
- disabled
|
Cookie based affinity.
|
|
host_name
string
|
|
Host header to be sent to the backend servers.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
path
string
|
|
Path which should be used as a prefix for all http requests.
Null means no path will be prefixed. Default value is null.
|
|
pick_host_name_from_backend_address
string
|
|
Whether to pick host header should be picked from the host name of the backend server. Default value is false.
|
|
port
string
|
|
The destination port on the backend.
|
|
probe
string
|
|
Probe resource of an application gateway.
|
|
protocol
string
|
|
The protocol used to communicate with the backend.
|
|
request_timeout
string
|
|
Request timeout in seconds.
Application Gateway will fail the request if response is not received within RequestTimeout.
Acceptable values are from 1 second to 86400 seconds.
|
cert_validation_mode
string
added in 0.0.1 of azure.azcollection
|
|
Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing ignore . Can also be set via credential file profile or the AZURE_CERT_VALIDATION environment variable.
|
client_id
string
|
|
Azure client ID. Use when authenticating with a Service Principal.
|
cloud_environment
string
added in 0.0.1 of azure.azcollection
|
Default:
"AzureCloud"
|
For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, AzureChinaCloud , AzureUSGovernment ), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the AZURE_CLOUD_ENVIRONMENT environment variable.
|
frontend_ip_configurations
string
|
|
Frontend IP addresses of the application gateway resource.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
private_ip_address
string
|
|
PrivateIPAddress of the network interface IP Configuration.
|
|
private_ip_allocation_method
string
|
|
PrivateIP allocation method.
|
|
public_ip_address
string
|
|
Reference of the PublicIP resource.
|
|
subnet
string
|
|
Reference of the subnet resource.
|
frontend_ports
string
|
|
List of frontend ports of the application gateway resource.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
port
string
|
|
Frontend port.
|
gateway_ip_configurations
string
|
|
List of subnets used by the application gateway.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
subnet
string
|
|
Reference of the subnet resource. A subnet from where application gateway gets its private address.
|
http_listeners
string
|
|
List of HTTP listeners of the application gateway resource.
|
|
frontend_ip_configuration
string
|
|
Frontend IP configuration resource of an application gateway.
|
|
frontend_port
string
|
|
Frontend port resource of an application gateway.
|
|
host_name
string
|
|
Host name of http listener.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
protocol
string
|
|
Protocol of the http listener.
|
|
require_server_name_indication
string
|
|
Applicable only if protocol is https . Enables SNI for multi-hosting.
|
|
ssl_certificate
string
|
|
SSL certificate resource of an application gateway.
|
location
string
|
|
Resource location. If not set, location from the resource group will be used as default.
|
name
string
/ required
|
|
The name of the application gateway.
|
password
string
|
|
Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
|
probes
string
|
|
Probes available to the application gateway resource.
|
|
host
string
|
|
Host name to send the probe to.
|
|
interval
string
|
|
The probing interval in seconds.
This is the time interval between two consecutive probes.
Acceptable values are from 1 second to 86400 seconds.
|
|
name
string
|
|
Name of the probe that is unique within an Application Gateway.
|
|
path
string
|
|
Relative path of probe.
Valid path starts from '/'.
Probe is sent to <Protocol>://<host>:<port><path>.
|
|
protocol
string
|
|
The protocol used for the probe.
|
|
timeout
string
|
|
The probe timeout in seconds.
Probe marked as failed if valid response is not received with this timeout period.
Acceptable values are from 1 second to 86400 seconds.
|
|
unhealthy_threshold
string
|
|
The probe retry count.
Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold.
Acceptable values are from 1 second to 20.
|
profile
string
|
|
Security profile found in ~/.azure/credentials file.
|
redirect_configurations
string
|
|
Redirect configurations of the application gateway resource.
|
|
include_path
string
|
|
Include path in the redirected url.
|
|
include_query_string
string
|
|
Include query string in the redirected url.
|
|
name
string
|
|
Name of the resource that is unique within a resource group.
|
|
redirect_type
string
|
Choices:
- permanent
- found
- see_other
- temporary
|
Redirection type.
|
|
target_listener
string
|
|
Reference to a listener to redirect the request to.
|
request_routing_rules
string
|
|
List of request routing rules of the application gateway resource.
|
|
backend_address_pool
string
|
|
Backend address pool resource of the application gateway.
|
|
backend_http_settings
string
|
|
Backend http settings resource of the application gateway.
|
|
http_listener
string
|
|
Http listener resource of the application gateway.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
redirect_configuration
string
|
|
Redirect configuration resource of the application gateway.
|
|
rule_type
string
|
Choices:
- basic
- path_based_routing
|
Rule type.
|
resource_group
string
/ required
|
|
The name of the resource group.
|
secret
string
|
|
Azure client secret. Use when authenticating with a Service Principal.
|
sku
string
|
|
SKU of the application gateway resource.
|
|
capacity
string
|
|
Capacity (instance count) of an application gateway.
|
|
name
string
|
Choices:
- standard_small
- standard_medium
- standard_large
- standard_v2
- waf_medium
- waf_large
- waf_v2
|
Name of an application gateway SKU.
|
|
tier
string
|
Choices:
- standard
- standard_v2
- waf
- waf_v2
|
Tier of an application gateway.
|
ssl_certificates
string
|
|
SSL certificates of the application gateway resource.
|
|
data
string
|
|
Base-64 encoded pfx certificate.
Only applicable in PUT Request.
|
|
name
string
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
|
password
string
|
|
Password for the pfx file specified in data.
Only applicable in PUT request.
|
ssl_policy
string
|
|
SSL policy of the application gateway resource.
|
|
cipher_suites
string
|
Choices:
- tls_ecdhe_rsa_with_aes_256_gcm_sha384
- tls_ecdhe_rsa_with_aes_128_gcm_sha256
- tls_ecdhe_rsa_with_aes_256_cbc_sha384
- tls_ecdhe_rsa_with_aes_128_cbc_sha256
- tls_ecdhe_rsa_with_aes_256_cbc_sha
- tls_ecdhe_rsa_with_aes_128_cbc_sha
- tls_dhe_rsa_with_aes_256_gcm_sha384
- tls_dhe_rsa_with_aes_128_gcm_sha256
- tls_dhe_rsa_with_aes_256_cbc_sha
- tls_dhe_rsa_with_aes_128_cbc_sha
- tls_rsa_with_aes_256_gcm_sha384
- tls_rsa_with_aes_128_gcm_sha256
- tls_rsa_with_aes_256_cbc_sha256
- tls_rsa_with_aes_128_cbc_sha256
- tls_rsa_with_aes_256_cbc_sha
- tls_rsa_with_aes_128_cbc_sha
- tls_ecdhe_ecdsa_with_aes_256_gcm_sha384
- tls_ecdhe_ecdsa_with_aes_128_gcm_sha256
- tls_ecdhe_ecdsa_with_aes_256_cbc_sha384
- tls_ecdhe_ecdsa_with_aes_128_cbc_sha256
- tls_ecdhe_ecdsa_with_aes_256_cbc_sha
- tls_ecdhe_ecdsa_with_aes_128_cbc_sha
- tls_dhe_dss_with_aes_256_cbc_sha256
- tls_dhe_dss_with_aes_128_cbc_sha256
- tls_dhe_dss_with_aes_256_cbc_sha
- tls_dhe_dss_with_aes_128_cbc_sha
- tls_rsa_with_3des_ede_cbc_sha
- tls_dhe_dss_with_3des_ede_cbc_sha
|
List of SSL cipher suites to be enabled in the specified order to application gateway.
|
|
disabled_ssl_protocols
string
|
Choices:
- tls_v1_0
- tls_v1_1
- tls_v1_2
|
List of SSL protocols to be disabled on application gateway.
|
|
min_protocol_version
string
|
Choices:
- tls_v1_0
- tls_v1_1
- tls_v1_2
|
Minimum version of Ssl protocol to be supported on application gateway.
|
|
policy_name
string
|
Choices:
- ssl_policy20150501
- ssl_policy20170401
- ssl_policy20170401_s
|
Name of Ssl predefined policy.
|
|
policy_type
string
|
Choices:
- predefined
- custom
|
Type of SSL Policy.
|
state
string
|
Choices:
- absent
present ←
|
Assert the state of the Public IP. Use present to create or update a and absent to delete.
|
subscription_id
string
|
|
Your Azure subscription Id.
|
tags
dictionary
|
|
Dictionary of string:string pairs to assign as metadata to the object.
Metadata tags on the object will be updated with any provided values.
To remove tags set append_tags option to false.
Currently, Azure DNS zones and Traffic Manager services also don't allow the use of spaces in the tag.
Azure Front Door doesn't support the use of
Azure Automation and Azure CDN only support 15 tags on resources.
|
tenant
string
|
|
Azure tenant ID. Use when authenticating with a Service Principal.
|