Parameter |
Choices/Defaults |
Comments |
ad_user
|
|
Active Directory username. Use when authenticating with an Active Directory user rather than service principal.
|
adfs_authority_url
(added in 2.6) |
Default:
None
|
Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority.
|
api_profile
(added in 2.5) |
Default:
latest
|
Selects an API profile to use when communicating with Azure services. Default value of latest is appropriate for public clouds; future values will allow use with Azure Stack.
|
append_tags
bool |
|
Use to control if tags field is canonical or just appends to existing tags. When canonical, any tags not found in the tags parameter will be removed from the object's metadata.
|
auth_source
(added in 2.5) |
Choices:
- auto
- cli
- credential_file
- env
- msi
|
Controls the source of the credentials to use for authentication.
If not specified, ANSIBLE_AZURE_AUTH_SOURCE environment variable will be used and default to auto if variable is not defined.
auto will follow the default precedence of module parameters -> environment variables -> default profile in credential file ~/.azure/credentials .
When set to cli , the credentials will be sources from the default Azure CLI profile.
Can also be set via the ANSIBLE_AZURE_AUTH_SOURCE environment variable.
When set to msi , the host machine must be an azure resource with an enabled MSI extension. subscription_id or the environment variable AZURE_SUBSCRIPTION_ID can be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen.
The msi was added in Ansible 2.6.
|
authentication_certificates
|
|
Authentication certificates of the application gateway resource.
|
|
data
|
|
Certificate public data - base64 encoded pfx
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
backend_address_pools
|
|
List of backend address pool of the application gateway resource.
|
|
backend_addresses
|
|
List of backend addresses
|
|
|
fqdn
|
|
Fully qualified domain name (FQDN).
|
|
|
ip_address
|
|
IP address
|
|
name
|
|
Resource that is unique within a resource group. This name can be used to access the resource.
|
backend_http_settings_collection
|
|
Backend http settings of the application gateway resource.
|
|
port
|
|
Port
|
|
protocol
|
|
Protocol.
|
|
cookie_based_affinity
|
Choices:
- enabled
- disabled
|
Cookie based affinity.
|
|
request_timeout
|
|
Request timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable va lues are from 1 second to 86400 seconds.
|
|
authentication_certificates
|
|
List of references to application gateway authentication certificates.
|
|
|
id
|
|
Resource ID.
|
|
host_name
|
|
Host header to be sent to the backend servers.
|
|
pick_host_name_from_backend_address
|
|
Whether to pick host header should be picked from the host name of the backend server. Default value is false.
|
|
affinity_cookie_name
|
|
Cookie name to use for the affinity cookie.
|
|
path
|
|
Path which should be used as a prefix for all http requests. Null means no path will be prefixed. Default value is null.
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
cert_validation_mode
(added in 2.5) |
|
Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing ignore . Can also be set via credential file profile or the AZURE_CERT_VALIDATION environment variable.
|
client_id
|
|
Azure client ID. Use when authenticating with a Service Principal.
|
cloud_environment
(added in 2.4) |
Default:
AzureCloud
|
For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, AzureChinaCloud , AzureUSGovernment ), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the AZURE_CLOUD_ENVIRONMENT environment variable.
|
frontend_ip_configurations
|
|
Frontend IP addresses of the application gateway resource.
|
|
private_ip_address
|
|
PrivateIPAddress of the network interface IP Configuration.
|
|
private_ip_allocation_method
|
|
PrivateIP allocation method.
|
|
subnet
|
|
Reference of the subnet resource.
|
|
public_ip_address
|
|
Reference of the PublicIP resource.
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
frontend_ports
|
|
List of frontend ports of the application gateway resource.
|
|
port
|
|
Frontend port
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
gateway_ip_configurations
|
|
List of subnets used by the application gateway.
|
|
subnet
|
|
Reference of the subnet resource. A subnet from where application gateway gets its private address.
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
http_listeners
|
|
List of HTTP listeners of the application gateway resource.
|
|
frontend_ip_configuration
|
|
Frontend IP configuration resource of an application gateway.
|
|
frontend_port
|
|
Frontend port resource of an application gateway.
|
|
protocol
|
|
Protocol.
|
|
host_name
|
|
Host name of http listener.
|
|
ssl_certificate
|
|
SSL certificate resource of an application gateway.
|
|
require_server_name_indication
|
|
Applicable only if protocol is https . Enables SNI for multi-hosting.
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
location
|
|
Resource location. If not set, location from the resource group will be used as default.
|
name
required |
|
The name of the application gateway.
|
password
|
|
Active Directory user password. Use when authenticating with an Active Directory user rather than service principal.
|
profile
|
|
Security profile found in ~/.azure/credentials file.
|
request_routing_rules
|
|
List of request routing rules of the application gateway resource.
|
|
rule_type
|
Choices:
- basic
- path_based_routing
|
Rule type.
|
|
backend_address_pool
|
|
Backend address pool resource of the application gateway.
|
|
backend_http_settings
|
|
Frontend port resource of the application gateway.
|
|
http_listener
|
|
Http listener resource of the application gateway.
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
resource_group
required |
|
The name of the resource group.
|
secret
|
|
Azure client secret. Use when authenticating with a Service Principal.
|
sku
|
|
SKU of the application gateway resource.
|
|
name
|
Choices:
- standard_small
- standard_medium
- standard_large
- waf_medium
- waf_large
|
Name of an application gateway SKU.
|
|
tier
|
|
Tier of an application gateway.
|
|
capacity
|
|
Capacity (instance count) of an application gateway.
|
ssl_certificates
|
|
SSL certificates of the application gateway resource.
|
|
data
|
|
Base-64 encoded pfx certificate.
|
|
password
|
|
Password for the pfx file specified in data.
|
|
name
|
|
Name of the resource that is unique within a resource group. This name can be used to access the resource.
|
ssl_policy
|
|
SSL policy of the application gateway resource.
|
|
disabled_ssl_protocols
|
Choices:
- tls_v1_0
- tls_v1_1
- tls_v1_2
|
List of SSL protocols to be disabled on application gateway.
|
|
policy_type
|
Choices:
- predefined
- custom
|
Type of SSL Policy.
|
|
policy_name
|
Choices:
- ssl_policy20150501
- ssl_policy20170401
- ssl_policy20170401_s
|
Name of Ssl predefined policy.
|
|
cipher_suites
|
Choices:
- tls_ecdhe_rsa_with_aes_256_gcm_sha384
- tls_ecdhe_rsa_with_aes_128_gcm_sha256
- tls_ecdhe_rsa_with_aes_256_cbc_sha384
- tls_ecdhe_rsa_with_aes_128_cbc_sha256
- tls_ecdhe_rsa_with_aes_256_cbc_sha
- tls_ecdhe_rsa_with_aes_128_cbc_sha
- tls_dhe_rsa_with_aes_256_gcm_sha384
- tls_dhe_rsa_with_aes_128_gcm_sha256
- tls_dhe_rsa_with_aes_256_cbc_sha
- tls_dhe_rsa_with_aes_128_cbc_sha
- tls_rsa_with_aes_256_gcm_sha384
- tls_rsa_with_aes_128_gcm_sha256
- tls_rsa_with_aes_256_cbc_sha256
- tls_rsa_with_aes_128_cbc_sha256
- tls_rsa_with_aes_256_cbc_sha
- tls_rsa_with_aes_128_cbc_sha
- tls_ecdhe_ecdsa_with_aes_256_gcm_sha384
- tls_ecdhe_ecdsa_with_aes_128_gcm_sha256
- tls_ecdhe_ecdsa_with_aes_256_cbc_sha384
- tls_ecdhe_ecdsa_with_aes_128_cbc_sha256
- tls_ecdhe_ecdsa_with_aes_256_cbc_sha
- tls_ecdhe_ecdsa_with_aes_128_cbc_sha
- tls_dhe_dss_with_aes_256_cbc_sha256
- tls_dhe_dss_with_aes_128_cbc_sha256
- tls_dhe_dss_with_aes_256_cbc_sha
- tls_dhe_dss_with_aes_128_cbc_sha
- tls_rsa_with_3des_ede_cbc_sha
- tls_dhe_dss_with_3des_ede_cbc_sha
|
List of SSL cipher suites to be enabled in the specified order to application gateway.
|
|
min_protocol_version
|
Choices:
- tls_v1_0
- tls_v1_1
- tls_v1_2
|
Minimum version of Ssl protocol to be supported on application gateway.
|
state
|
Choices:
- absent
present ←
|
Assert the state of the Public IP. Use 'present' to create or update a and 'absent' to delete.
|
subscription_id
|
|
Your Azure subscription Id.
|
tags
|
|
Dictionary of string:string pairs to assign as metadata to the object. Metadata tags on the object will be updated with any provided values. To remove tags set append_tags option to false.
|
tenant
|
|
Azure tenant ID. Use when authenticating with a Service Principal.
|