Add support manual_private_link_service_connections to azure_rm_priva…
…teendpoint.py (#1745)

* Add support manual_private_link_service_connections to azure_rm_privateendpoint.py

* fix sanity fail

* small change
Fred-sun authored Nov 15, 2024
1 parent e596031 commit 2abf5bc
Showing 3 changed files with 139 additions and 6 deletions.
43 changes: 42 additions & 1 deletion plugins/modules/azure_rm_privateendpoint.py
Expand Up @@ -40,6 +40,26 @@
description:
- The ID of the subnet from which the private IP will be allocated.
type: str
manual_private_link_service_connections:
description:
- A grouping of information about the connection to the remote resource.
- Used when the network admin does not have access to approve connections to the remote resource.
type: list
elements: dict
suboptions:
name:
description:
- The name of the resource that is unique within a resource group.
type: str
private_link_service_id:
description:
- The resource id of the private endpoint to connect to.
type: str
group_ids:
description:
- The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.
type: list
elements: str
private_link_service_connections:
description:
- A grouping of information about the connection to the remote resource.
Expand Down Expand Up @@ -155,6 +175,12 @@
returned: always
type: str
sample: "/subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/fredtestRG-vnet/subnets/default"
manual_private_link_service_connections:
description:
- The resource id of the private endpoint to connect.
returned: always
type: list
sample: ["/subscriptions/xxx/resourceGroups/myRG/providers/Microsoft.Network/privateEndpoints/point/privateLinkServiceConnections/point02",]
private_link_service_connections:
description:
- The resource id of the private endpoint to connect.
Expand Down Expand Up @@ -183,6 +209,13 @@
)


manual_private_service_connection_spec = dict(
name=dict(type='str'),
private_link_service_id=dict(type='str'),
group_ids=dict(type='list', elements='str')
)


private_service_connection_spec = dict(
name=dict(type='str'),
private_link_service_id=dict(type='str'),
Expand Down Expand Up @@ -210,6 +243,7 @@ def __init__(self):
location=dict(type='str'),
subnet=dict(type='dict', options=subnet_spec),
private_link_service_connections=dict(type='list', elements='dict', options=private_service_connection_spec),
manual_private_link_service_connections=dict(type='list', elements='dict', options=manual_private_service_connection_spec),
)

self.resource_group = None
Expand All @@ -224,10 +258,12 @@ def __init__(self):
state=dict()
)
self.to_do = Actions.NoAction
mutually_exclusive = [['private_link_service_connections', 'manual_private_link_service_connections']]

super(AzureRMPrivateEndpoint, self).__init__(self.module_arg_spec,
supports_tags=True,
supports_check_mode=True)
supports_check_mode=True,
mutually_exclusive=mutually_exclusive)

def exec_module(self, **kwargs):

Expand Down Expand Up @@ -329,6 +365,11 @@ def private_endpoints_to_dict(self, privateendpoint):
results['private_link_service_connections'] = []
for connections in privateendpoint.private_link_service_connections:
results['private_link_service_connections'].append(dict(private_link_service_id=connections.private_link_service_id, name=connections.name))
if privateendpoint.manual_private_link_service_connections and len(privateendpoint.manual_private_link_service_connections) > 0:
results['manual_private_link_service_connections'] = []
for connections in privateendpoint.manual_private_link_service_connections:
results['manual_private_link_service_connections'].append(dict(
private_link_service_id=connections.private_link_service_id, name=connections.name))

return results

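Review bot: The RETURN entry added for `manual_private_link_service_connections` documents a list of resource-ID strings (its sample is a single `/subscriptions/...` path), but the new branch in `private_endpoints_to_dict` appends dicts holding `private_link_service_id` and `name`, so the documented shape does not match what callers receive. I would document it as `type: list` / `elements: dict` with a constructed sample such as `[{"name": "point02", "private_link_service_id": "/subscriptions/xxx/..."}]`, and describe the `private_link_service_id` option as the ID of the remote resource rather than of "the private endpoint". The returned dict also drops `group_ids` and carries no connection state; since a manual connection waits on the remote owner's approval, a playbook cannot tell from this module's result whether the endpoint is usable and has to query `azure_rm_privateendpoint_info`. `private_endpoints_to_dict` begins outside the hunk, so how the rest of the result is built is not visible here.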
61 changes: 57 additions & 4 deletions plugins/modules/azure_rm_privateendpoint_info.py
Expand Up @@ -67,7 +67,7 @@
id:
description:
- Resource ID of the private endpoint.
sample: /subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/privateEndpoints/testprivateendpoint
sample: /subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/privateEndpoints/ped01
returned: always
type: str
etag:
Expand Down Expand Up @@ -105,29 +105,73 @@
- Name of the private endpoint.
returned: always
type: str
sample: estprivateendpoint
sample: ped01
subnets_id:
description:
- Subnets associated with the virtual network.
returned: always
type: str
sample: "/subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/fredtestRG-vnet/subnets/default"
manual_private_link_service_connections:
description:
- The resource id of the private endpoint to connect.
returned: when-used
type: complex
contains:
id:
description:
- The resource id of the private endpoint to connect.
returned: always
type: str
sample: "/subscriptions/xxx/resourceGroups/testRG/providers/Microsoft.Network/privateEndpoints/ped01/privateLinkServiceConnections/ped01"
name:
description:
- The name of the private endpoint connection.
returned: always
type: str
sample: ped_name01
connection_state:
description:
- State details of endpoint connection
type: complex
returned: always
contains:
description:
description:
- The reason for approval/rejection of the connection.
returned: always
type: str
sample: "Auto Approved"
status:
description:
- Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.
returned: always
type: str
sample: Approved
actions_required:
description:
- A message indicating if changes on the service provider require any updates on the consumer.
type: str
returned: always
sample: "This is action_required string"
private_link_service_connections:
description:
- The resource id of the private endpoint to connect.
returned: always
returned: when-used
type: complex
contains:
id:
description:
- The resource id of the private endpoint to connect.
returned: always
type: str
sample: "/subscriptions/xxx/resourceGroups/testRG/providers/Microsoft.Network/privateEndpoints/ped01/privateLinkServiceConnections/ped02"
name:
description:
- The name of the private endpoint connection.
returned: always
type: str
sample: ped_name02
connection_state:
description:
- State details of endpoint connection
Expand Down Expand Up @@ -291,7 +335,16 @@ def privateendpoints_to_dict(self, privateendpoint):
if privateendpoint.manual_private_link_service_connections and len(privateendpoint.manual_private_link_service_connections) > 0:
results['manual_private_link_service_connections'] = []
for connections in privateendpoint.manual_private_link_service_connections:
results['manual_private_link_service_connections'].append(connections.id)
connection = {}
connection['connection_state'] = {}
connection['id'] = connections.id
connection['name'] = connections.name
connection['type'] = connections.type
connection['group_ids'] = connections.group_ids
connection['connection_state']['status'] = connections.manual_private_link_service_connection_state.status
connection['connection_state']['description'] = connections.manual_private_link_service_connection_state.description
connection['connection_state']['actions_required'] = connections.manual_private_link_service_connection_state.actions_required
results['manual_private_link_service_connections'].append(connection)
return results


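Review bot: The new loop in `privateendpoints_to_dict` reads `connections.manual_private_link_service_connection_state`, but as far as I know the entries of `manual_private_link_service_connections` use the same SDK model as the non-manual list, whose state attribute is `private_link_service_connection_state`; if so, this raises AttributeError for any endpoint that has a manual connection, so please confirm against the installed azure-mgmt-network models. I would read it once with `state = connections.private_link_service_connection_state` and fill the three fields with `state.status if state else None` (same for `description` and `actions_required`), so a connection without state does not abort the whole info call. The integration tests in this commit never run `azure_rm_privateendpoint_info` against the manually connected endpoint, so this path is unexercised. The code also returns `type` and `group_ids`, which the added RETURN block does not document; the function itself starts outside the hunk.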
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
- westus
register: subnet_output

- name: Create instance of PostgreSQL Server
- name: Create instance of PostgreSQL Server --- first
azure_rm_postgresqlserver:
resource_group: "{{ resource_group }}"
name: postgresqlsrv{{ rpfx }}
Expand All @@ -48,6 +48,20 @@
admin_password: "{{ password }}"
register: post_output

- name: Create instance of PostgreSQL Server --- secondary
azure_rm_postgresqlserver:
resource_group: "{{ resource_group }}"
name: "postgresqlsrv{{ rpfx }}02"
sku:
name: GP_Gen5_2
tier: GeneralPurpose
location: eastus
storage_mb: 51200
enforce_ssl: true
admin_username: zimxyz
admin_password: "{{ password }}"
register: post_output02

- name: Delete private endpoint, makesure there is no private endpoint exist
azure_rm_privateendpoint:
name: privateendpoint{{ rpfx }}
Expand Down Expand Up @@ -134,6 +148,31 @@
- output.privateendpoints[0].provisioning_state == "Succeeded"
- output.privateendpoints[0].tags | length == 2

- name: Create secondary private endpoint with manual_private_link_service_connections parameters
azure_rm_privateendpoint:
name: "privateendpoint{{ rpfx }}02"
resource_group: "{{ resource_group }}"
manual_private_link_service_connections:
- name: privateEndpoints_test_name02
private_link_service_id: "{{ post_output02.id }}"
group_ids:
- postgresqlServer
subnet:
id: "{{ subnet_output.state.id }}"
register: output

- name: Assert the secondary private endpoint created
ansible.builtin.assert:
that:
- output.changed

- name: Delete the secondary private endpoint
azure_rm_privateendpoint:
name: "privateendpoint{{ rpfx }}02"
resource_group: "{{ resource_group }}"
state: absent
register: output

- name: Delete private endpoint
azure_rm_privateendpoint:
name: privateendpoint{{ rpfx }}
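Review bot: The new test for the secondary endpoint asserts only `output.changed`, so it would pass even if the connection landed in the wrong list or the module returned nothing about it. After the create task I would rerun the same task and assert `not output.changed` for idempotence, then call `azure_rm_privateendpoint_info` and assert `output.privateendpoints[0].manual_private_link_service_connections | length == 1` together with its `connection_state.status`, since the approval state is what an operator needs to see for a manual connection. A negative case passing both `private_link_service_connections` and `manual_private_link_service_connections` would cover the new `mutually_exclusive` rule.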
