states.azurerm.network.virtual_network_peering

Azure Resource Manager (ARM) Virtual Network Peering State Module

New in version 1.0.0.

Changed in version 4.0.0.

maintainer:

<devops@eitr.tech>

configuration:

This module requires Azure Resource Manager credentials to be passed via acct. Note that the authentication parameters are case sensitive.

Required provider parameters:

if using username and password:
  • subscription_id
  • username
  • password
if using a service principal:
  • subscription_id
  • tenant
  • client_id
  • secret

Optional provider parameters:

cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:

  • AZURE_PUBLIC_CLOUD (default)
  • AZURE_CHINA_CLOUD
  • AZURE_US_GOV_CLOUD
  • AZURE_GERMAN_CLOUD

Example acct setup for Azure Resource Manager authentication:

azurerm:
    default:
        subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
        tenant: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
        client_id: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
        secret: XXXXXXXXXXXXXXXXXXXXXXXX
        cloud_environment: AZURE_PUBLIC_CLOUD
    user_pass_auth:
        subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
        username: fletch
        password: 123pass

The authentication parameters can also be passed as a dictionary of keyword arguments to the connection_auth parameter of each state, but this is not preferred and could be deprecated in the future.

idem_azurerm.states.azurerm.network.virtual_network_peering.absent(hub, ctx, name, virtual_network, resource_group, connection_auth=None, **kwargs)

New in version 1.0.0.

Ensure a virtual network peering object does not exist in the virtual network.

Parameters:
  • name – Name of the peering object.
  • virtual_network – Name of the existing virtual network containing the peering object.
  • resource_group – The resource group assigned to the virtual network.
  • connection_auth – A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.

Example usage:

Ensure virtual network peer absent:
    azurerm.network.virtual_network_peering.absent:
      - name: test_lb
      - virtual_network: test_vnet
      - resource_group: test_group

idem_azurerm.states.azurerm.network.virtual_network_peering.present(hub, ctx, name, remote_virtual_network, virtual_network, resource_group, remote_vnet_group=None, allow_virtual_network_access=True, allow_forwarded_traffic=False, allow_gateway_transit=False, use_remote_gateways=False, connection_auth=None, **kwargs)

New in version 1.0.0.

Changed in version 4.0.0.

Ensure a virtual network peering object exists.

Parameters:
  • name – Name of the peering object.
  • remote_virtual_network – The name of the remote virtual network.
  • remote_vnet_group – The resource group of the remote virtual network. Defaults to the same resource group as the “local” virtual network.
  • virtual_network – Name of the existing virtual network to contain the peering object.
  • resource_group – The resource group assigned to the local virtual network.
  • allow_virtual_network_access – Whether the VMs in the local virtual network space can access the VMs in the remote virtual network space.
  • allow_forwarded_traffic – Whether forwarded traffic from the VMs in the local virtual network is allowed or disallowed in the remote virtual network.
  • allow_gateway_transit – Whether gateway links can be used in remote virtual networking to link to this virtual network.
  • use_remote_gateways – Whether remote gateways can be used on this virtual network. If the flag is set to True and allow_gateway_transit on the remote peering is also True, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to True. This flag cannot be set if the virtual network already has a gateway.
  • connection_auth – A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.

Example usage:

Ensure virtual network peering exists:
    azurerm.network.virtual_network_peering.present:
        - name: vnet1_to_vnet2
        - virtual_network: vnet1
        - resource_group: group1
        - remote_virtual_network: vnet2
        - remote_vnet_group: group2
        - allow_virtual_network_access: True
        - allow_forwarded_traffic: False
        - allow_gateway_transit: False
        - use_remote_gateways: False
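
The gateway constraints listed for use_remote_gateways can be checked before any state is applied. The following is an added example, not code from idem-azurerm: it takes peering declarations as dicts keyed like the present() parameters and reports the ones that break those constraints or enable allow_forwarded_traffic. The function name check_peerings, the vnets_with_gateway input and the sample names are assumptions made for this example.

```python
# Added example, not idem-azurerm code. Defaults mirror the present() signature.
DEFAULTS = {"remote_vnet_group": None, "allow_virtual_network_access": True,
            "allow_forwarded_traffic": False, "allow_gateway_transit": False,
            "use_remote_gateways": False}

# Constructed sample declarations (hypothetical names): two spokes and one hub.
SAMPLE = [
    {"name": "spoke1_to_hub", "virtual_network": "spoke1", "resource_group": "group1",
     "remote_virtual_network": "hub", "remote_vnet_group": "group2",
     "use_remote_gateways": True},
    {"name": "hub_to_spoke1", "virtual_network": "hub", "resource_group": "group2",
     "remote_virtual_network": "spoke1", "remote_vnet_group": "group1",
     "allow_gateway_transit": True},
    {"name": "spoke1_to_spoke2", "virtual_network": "spoke1", "resource_group": "group1",
     "remote_virtual_network": "spoke2", "use_remote_gateways": True,
     "allow_forwarded_traffic": True},
]


def check_peerings(peerings, vnets_with_gateway=()):
    """Return sorted (peering name, finding) tuples for a list of present() kwargs.

    vnets_with_gateway is a caller-supplied set of (resource_group, vnet) pairs
    that already have their own gateway (an assumption of this example).
    """
    links, findings, users = {}, [], {}
    for raw in peerings:
        p = {**DEFAULTS, **raw}
        local = (p["resource_group"], p["virtual_network"])
        # remote_vnet_group defaults to the local resource group
        remote = (p["remote_vnet_group"] or p["resource_group"], p["remote_virtual_network"])
        links[(local, remote)] = p
    for (local, remote), p in links.items():
        if p["allow_forwarded_traffic"]:
            findings.append((p["name"], "allow_forwarded_traffic is enabled (default is False)"))
        if not p["use_remote_gateways"]:
            continue
        users.setdefault(local, []).append(p["name"])
        if local in vnets_with_gateway:
            findings.append((p["name"], "use_remote_gateways on a vnet that already has a gateway"))
        reverse = links.get((remote, local))
        if reverse is None or not reverse["allow_gateway_transit"]:
            findings.append((p["name"], "reverse peering does not declare allow_gateway_transit"))
    for names in users.values():
        if len(names) > 1:
            findings += [(n, "more than one peering on this vnet sets use_remote_gateways") for n in names]
    return sorted(findings)
```

A reverse peering that is managed in another state file will show up as not declared, so run the check over the full set of peering declarations.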