diff --git a/lib/ansible/modules/cloud/google/gcp_compute_backend_service.py b/lib/ansible/modules/cloud/google/gcp_compute_backend_service.py index ea54f18f97..e5a796f3f3 100644 --- a/lib/ansible/modules/cloud/google/gcp_compute_backend_service.py +++ b/lib/ansible/modules/cloud/google/gcp_compute_backend_service.py @@ -195,6 +195,37 @@ options: and a health check is required. - For internal load balancing, a URL to a HealthCheck resource must be specified instead. required: false + iap: + description: + - Settings for enabling Cloud Identity Aware Proxy. + required: false + version_added: 2.7 + suboptions: + enabled: + description: + - Enables IAP. + required: false + type: bool + oauth2_client_id: + description: + - OAuth2 Client ID for IAP. + required: false + oauth2_client_secret: + description: + - OAuth2 Client Secret for IAP. + required: false + oauth2_client_secret_sha256: + description: + - OAuth2 Client Secret SHA-256 for IAP. + required: false + load_balancing_scheme: + description: + - Indicates whether the backend service will be used with internal or external load + balancing. A backend service created for one type of load balancing cannot be used + with the other. + required: false + version_added: 2.7 + choices: ['INTERNAL', 'EXTERNAL'] name: description: - Name of the resource. Provided by the client when the resource is created. The name @@ -456,6 +487,39 @@ RETURN = ''' - The unique identifier for the resource. returned: success type: int + iap: + description: + - Settings for enabling Cloud Identity Aware Proxy. + returned: success + type: complex + contains: + enabled: + description: + - Enables IAP. + returned: success + type: bool + oauth2_client_id: + description: + - OAuth2 Client ID for IAP. + returned: success + type: str + oauth2_client_secret: + description: + - OAuth2 Client Secret for IAP. + returned: success + type: str + oauth2_client_secret_sha256: + description: + - OAuth2 Client Secret SHA-256 for IAP. + returned: success + type: str + load_balancing_scheme: + description: + - Indicates whether the backend service will be used with internal or external load + balancing. A backend service created for one type of load balancing cannot be used + with the other. + returned: success + type: str name: description: - Name of the resource. Provided by the client when the resource is created. The name @@ -551,6 +615,13 @@ def main(): description=dict(type='str'), enable_cdn=dict(type='bool'), health_checks=dict(type='list', elements='str'), + iap=dict(type='dict', options=dict( + enabled=dict(type='bool'), + oauth2_client_id=dict(type='str'), + oauth2_client_secret=dict(type='str'), + oauth2_client_secret_sha256=dict(type='str') + )), + load_balancing_scheme=dict(type='str', choices=['INTERNAL', 'EXTERNAL']), name=dict(type='str'), port_name=dict(type='str'), protocol=dict(type='str', choices=['HTTP', 'HTTPS', 'TCP', 'SSL']), @@ -615,6 +686,8 @@ def resource_to_request(module): u'description': module.params.get('description'), u'enableCDN': module.params.get('enable_cdn'), u'healthChecks': module.params.get('health_checks'), + u'iap': BackendServiceIap(module.params.get('iap', {}), module).to_request(), + u'loadBalancingScheme': module.params.get('load_balancing_scheme'), u'name': module.params.get('name'), u'portName': module.params.get('port_name'), u'protocol': module.params.get('protocol'), @@ -660,8 +733,6 @@ def return_if_object(module, response, kind): if navigate_hash(result, ['error', 'errors']): module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) - if result['kind'] != kind: - module.fail_json(msg="Incorrect result: {kind}".format(**result)) return result @@ -697,6 +768,8 @@ def response_to_hash(module, response): u'enableCDN': response.get(u'enableCDN'), u'healthChecks': response.get(u'healthChecks'), u'id': response.get(u'id'), + u'iap': BackendServiceIap(response.get(u'iap', {}), module).from_response(), + u'loadBalancingScheme': response.get(u'loadBalancingScheme'), u'name': response.get(u'name'), u'portName': response.get(u'portName'), u'protocol': response.get(u'protocol'), @@ -864,5 +937,30 @@ class BackendServiceConnectionDraining(object): }) +class BackendServiceIap(object): + def __init__(self, request, module): + self.module = module + if request: + self.request = request + else: + self.request = {} + + def to_request(self): + return remove_nones_from_dict({ + u'enabled': self.request.get('enabled'), + u'oauth2ClientId': self.request.get('oauth2_client_id'), + u'oauth2ClientSecret': self.request.get('oauth2_client_secret'), + u'oauth2ClientSecretSha256': self.request.get('oauth2_client_secret_sha256') + }) + + def from_response(self): + return remove_nones_from_dict({ + u'enabled': self.request.get(u'enabled'), + u'oauth2ClientId': self.request.get(u'oauth2ClientId'), + u'oauth2ClientSecret': self.request.get(u'oauth2ClientSecret'), + u'oauth2ClientSecretSha256': self.request.get(u'oauth2ClientSecretSha256') + }) + + if __name__ == '__main__': main()