"""
Azure Resource Manager Network Execution Module
.. versionadded:: 2019.2.0
:maintainer: <devops@eitr.tech>
:maturity: new
:platform: linux
:configuration: This module requires Azure Resource Manager credentials to be passed as keyword arguments
to every function in order to work properly.
Required provider parameters:
if using username and password:
* ``subscription_id``
* ``username``
* ``password``
if using a service principal:
* ``subscription_id``
* ``tenant``
* ``client_id``
* ``secret``
Optional provider parameters:
**cloud_environment**: Used to point the cloud driver to different API endpoints, such as Azure GovCloud.
Possible values:
* ``AZURE_PUBLIC_CLOUD`` (default)
* ``AZURE_CHINA_CLOUD``
* ``AZURE_US_GOV_CLOUD``
* ``AZURE_GERMAN_CLOUD``
"""
# Python libs
import logging
import salt.config # pylint: disable=import-error, unused-import
import salt.loader # pylint: disable=import-error, unused-import
import saltext.azurerm.utils.azurerm
# Azure libs
HAS_LIBS = False
try:
import azure.mgmt.network.models # pylint: disable=unused-import
from azure.core.exceptions import HttpResponseError
from azure.core.exceptions import ResourceNotFoundError
from azure.core.exceptions import SerializationError
from azure.mgmt.core.tools import is_valid_resource_id
HAS_LIBS = True
except ImportError:
pass
__virtualname__ = "azurerm_network"
log = logging.getLogger(__name__)
def __virtual__():
if not HAS_LIBS:
return (
False,
"The following dependencies are required to use the Azure Resource Manager modules: "
"Microsoft Azure SDK for Python >= 2.0rc6, "
"MS REST Azure (msrestazure) >= 0.4",
)
return __virtualname__
[docs]
def check_dns_name_availability(name, region, **kwargs):
"""
.. versionadded:: 2019.2.0
Check whether a domain name in the current zone is available for use.
:param name: The DNS name to query.
:param region: The region to query for the DNS name in question.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.check_dns_name_availability testdnsname westus
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
check_dns_name = netconn.check_dns_name_availability(
location=region, domain_name_label=name
)
result = check_dns_name.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def check_ip_address_availability(ip_address, virtual_network, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Check that a private ip address is available within the specified
virtual network.
:param ip_address: The ip_address to query.
:param virtual_network: The virtual network to query for the IP address
in question.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.check_ip_address_availability 10.0.0.4 testnet testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
check_ip = netconn.virtual_networks.check_ip_address_availability(
resource_group_name=resource_group,
virtual_network_name=virtual_network,
ip_address=ip_address,
)
result = check_ip.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def default_security_rule_get(name, security_group, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a default security rule within a security group.
:param name: The name of the security rule to query.
:param security_group: The network security group containing the
security rule.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.default_security_rule_get DenyAllOutBound testnsg testgroup
"""
result = {}
default_rules = default_security_rules_list(
security_group=security_group, resource_group=resource_group, **kwargs
)
if isinstance(default_rules, dict) and "error" in default_rules:
return default_rules
try:
for default_rule in default_rules:
if default_rule["name"] == name:
result = default_rule
if not result:
result = {"error": f"Unable to find {name} in {security_group}!"}
except KeyError as exc:
log.error("Unable to find %s in %s!", name, security_group)
result = {"error": str(exc)}
return result
[docs]
def default_security_rules_list(security_group, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List default security rules within a security group.
:param security_group: The network security group to query.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.default_security_rules_list testnsg testgroup
"""
result = {}
secgroup = network_security_group_get(
security_group=security_group, resource_group=resource_group, **kwargs
)
if "error" in secgroup:
return secgroup
try:
result = secgroup["default_security_rules"]
except KeyError as exc:
log.error("No default security rules found for %s!", security_group)
result = {"error": str(exc)}
return result
[docs]
def security_rules_list(security_group, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List security rules within a network security group.
:param security_group: The network security group to query.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.security_rules_list testnsg testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secrules = netconn.security_rules.list(
network_security_group_name=security_group,
resource_group_name=resource_group,
)
result = saltext.azurerm.utils.azurerm.paged_object_to_list(secrules)
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def security_rule_create_or_update(
name,
access,
direction,
priority,
protocol,
security_group,
resource_group,
source_address_prefix=None,
destination_address_prefix=None,
source_port_range=None,
destination_port_range=None,
source_address_prefixes=None,
destination_address_prefixes=None,
source_port_ranges=None,
destination_port_ranges=None,
**kwargs,
):
"""
.. versionadded:: 2019.2.0
Create or update a security rule within a specified network security group.
:param name: The name of the security rule to create.
:param access:
'allow' or 'deny'
:param direction:
'inbound' or 'outbound'
:param priority:
Integer between 100 and 4096 used for ordering rule application.
:param protocol:
'tcp', 'udp', or '*'
:param destination_address_prefix:
The CIDR or destination IP range. Asterix '*' can also be used to match all destination IPs.
Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
If this is an ingress rule, specifies where network traffic originates from.
:param destination_port_range:
The destination port or range. Integer or range between 0 and 65535. Asterix '*'
can also be used to match all ports.
:param source_address_prefix:
The CIDR or source IP range. Asterix '*' can also be used to match all source IPs.
Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used.
If this is an ingress rule, specifies where network traffic originates from.
:param source_port_range:
The source port or range. Integer or range between 0 and 65535. Asterix '*'
can also be used to match all ports.
:param destination_address_prefixes:
A list of destination_address_prefix values. This parameter overrides destination_address_prefix
and will cause any value entered there to be ignored.
:param destination_port_ranges:
A list of destination_port_range values. This parameter overrides destination_port_range
and will cause any value entered there to be ignored.
:param source_address_prefixes:
A list of source_address_prefix values. This parameter overrides source_address_prefix
and will cause any value entered there to be ignored.
:param source_port_ranges:
A list of source_port_range values. This parameter overrides source_port_range
and will cause any value entered there to be ignored.
:param security_group: The network security group containing the
security rule.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.security_rule_create_or_update testrule1 allow outbound 101 tcp testnsg testgroup \
source_address_prefix='*' destination_address_prefix=internet source_port_range='*' \
destination_port_range='1-1024'
"""
exclusive_params = [
("source_port_ranges", "source_port_range"),
("source_address_prefixes", "source_address_prefix"),
("destination_port_ranges", "destination_port_range"),
("destination_address_prefixes", "destination_address_prefix"),
]
for params in exclusive_params:
# pylint: disable=eval-used
if not eval(params[0]) and not eval(params[1]):
log.error("Either the %s or %s parameter must be provided!", params[0], params[1])
return False
# pylint: disable=eval-used
if eval(params[0]):
# pylint: disable=exec-used
exec(f"{params[1]} = None")
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rulemodel = saltext.azurerm.utils.azurerm.create_object_model(
"network",
"SecurityRule",
name=name,
access=access,
direction=direction,
priority=priority,
protocol=protocol,
source_port_ranges=source_port_ranges,
source_port_range=source_port_range,
source_address_prefixes=source_address_prefixes,
source_address_prefix=source_address_prefix,
destination_port_ranges=destination_port_ranges,
destination_port_range=destination_port_range,
destination_address_prefixes=destination_address_prefixes,
destination_address_prefix=destination_address_prefix,
**kwargs,
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
secrule = netconn.security_rules.begin_create_or_update(
resource_group_name=resource_group,
network_security_group_name=security_group,
security_rule_name=name,
security_rule_parameters=rulemodel,
)
secrule.wait()
secrule_result = secrule.result()
result = secrule_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def security_rule_delete(security_rule, security_group, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a security rule within a specified security group.
:param name: The name of the security rule to delete.
:param security_group: The network security group containing the
security rule.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.security_rule_delete testrule1 testnsg testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secrule = netconn.security_rules.begin_delete(
network_security_group_name=security_group,
resource_group_name=resource_group,
security_rule_name=security_rule,
polling=True,
)
secrule.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def security_rule_get(security_rule, security_group, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get a security rule within a specified network security group.
:param name: The name of the security rule to query.
:param security_group: The network security group containing the
security rule.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.security_rule_get testrule1 testnsg testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secrule = netconn.security_rules.get(
network_security_group_name=security_group,
resource_group_name=resource_group,
security_rule_name=security_rule,
)
result = secrule.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def network_security_group_create_or_update(
name, resource_group, **kwargs
): # pylint: disable=invalid-name
"""
.. versionadded:: 2019.2.0
Create or update a network security group.
:param name: The name of the network security group to create.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_security_group_create_or_update testnsg testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secgroupmodel = saltext.azurerm.utils.azurerm.create_object_model(
"network", "NetworkSecurityGroup", **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
secgroup = netconn.network_security_groups.begin_create_or_update(
resource_group_name=resource_group,
network_security_group_name=name,
parameters=secgroupmodel,
polling=True,
)
secgroup.wait()
secgroup_result = secgroup.result()
result = secgroup_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def network_security_group_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a network security group within a resource group.
:param name: The name of the network security group to delete.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_security_group_delete testnsg testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secgroup = netconn.network_security_groups.begin_delete(
resource_group_name=resource_group, network_security_group_name=name, polling=True
)
secgroup.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def network_security_group_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a network security group within a resource group.
:param name: The name of the network security group to query.
:param resource_group: The resource group name assigned to the
network security group.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_security_group_get testnsg testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secgroup = netconn.network_security_groups.get(
resource_group_name=resource_group, network_security_group_name=name
)
result = secgroup.as_dict()
except ResourceNotFoundError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def network_security_groups_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all network security groups within a resource group.
:param resource_group: The resource group name to list network security \
groups within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_security_groups_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secgroups = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.network_security_groups.list(resource_group_name=resource_group)
)
for secgroup in secgroups:
result[secgroup["name"]] = secgroup
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def network_security_groups_list_all(**kwargs): # pylint: disable=invalid-name
"""
.. versionadded:: 2019.2.0
List all network security groups within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_security_groups_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
secgroups = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.network_security_groups.list_all()
)
for secgroup in secgroups:
result[secgroup["name"]] = secgroup
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def subnets_list(virtual_network, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all subnets within a virtual network.
:param virtual_network: The virtual network name to list subnets within.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.subnets_list testnet testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
subnets = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.subnets.list(
resource_group_name=resource_group, virtual_network_name=virtual_network
)
)
for subnet in subnets:
result[subnet["name"]] = subnet
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def subnet_get(name, virtual_network, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific subnet.
:param name: The name of the subnet to query.
:param virtual_network: The virtual network name containing the
subnet.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.subnet_get testsubnet testnet testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
subnet = netconn.subnets.get(
resource_group_name=resource_group,
virtual_network_name=virtual_network,
subnet_name=name,
)
result = subnet.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def subnet_create_or_update(name, address_prefix, virtual_network, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Create or update a subnet.
:param name: The name assigned to the subnet being created or updated.
:param address_prefix: A valid CIDR block within the virtual network.
:param virtual_network: The virtual network name containing the
subnet.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.subnet_create_or_update testsubnet \
'10.0.0.0/24' testnet testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
# Use NSG name to link to the ID of an existing NSG.
if kwargs.get("network_security_group"):
nsg = network_security_group_get(
name=kwargs["network_security_group"], resource_group=resource_group, **kwargs
)
if "error" not in nsg:
kwargs["network_security_group"] = {"id": str(nsg["id"])}
# Use Route Table name to link to the ID of an existing Route Table.
if kwargs.get("route_table"):
rt_table = route_table_get(
name=kwargs["route_table"], resource_group=resource_group, **kwargs
)
if "error" not in rt_table:
kwargs["route_table"] = {"id": str(rt_table["id"])}
try:
snetmodel = saltext.azurerm.utils.azurerm.create_object_model(
"network",
"Subnet",
address_prefix=address_prefix,
resource_group=resource_group,
**kwargs,
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
subnet = netconn.subnets.begin_create_or_update(
resource_group_name=resource_group,
virtual_network_name=virtual_network,
subnet_name=name,
subnet_parameters=snetmodel,
polling=True,
)
subnet.wait()
sn_result = subnet.result()
result = sn_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def subnet_delete(name, virtual_network, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a subnet.
:param name: The name of the subnet to delete.
:param virtual_network: The virtual network name containing the
subnet.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.subnet_delete testsubnet testnet testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
subnet = netconn.subnets.begin_delete(
resource_group_name=resource_group,
virtual_network_name=virtual_network,
subnet_name=name,
polling=True,
)
subnet.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def virtual_networks_list_all(**kwargs):
"""
.. versionadded:: 2019.2.0
List all virtual networks within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.virtual_networks_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
vnets = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.virtual_networks.list_all()
)
for vnet in vnets:
result[vnet["name"]] = vnet
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def virtual_networks_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all virtual networks within a resource group.
:param resource_group: The resource group name to list virtual networks
within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.virtual_networks_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
vnets = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.virtual_networks.list(resource_group_name=resource_group)
)
for vnet in vnets:
result[vnet["name"]] = vnet
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def virtual_network_create_or_update(name, address_prefixes, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Create or update a virtual network.
:param name: The name assigned to the virtual network being
created or updated.
:param address_prefixes: A list of CIDR blocks which can be used
by subnets within the virtual network.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.virtual_network_create_or_update \
testnet ['10.0.0.0/16'] testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
if not isinstance(address_prefixes, list):
log.error("Address prefixes must be specified as a list!")
return False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
address_space = {"address_prefixes": address_prefixes}
dhcp_options = {"dns_servers": kwargs.get("dns_servers")}
try:
vnetmodel = saltext.azurerm.utils.azurerm.create_object_model(
"network",
"VirtualNetwork",
address_space=address_space,
dhcp_options=dhcp_options,
**kwargs,
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
vnet = netconn.virtual_networks.begin_create_or_update(
virtual_network_name=name,
resource_group_name=resource_group,
parameters=vnetmodel,
polling=True,
)
vnet.wait()
vnet_result = vnet.result()
result = vnet_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def virtual_network_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a virtual network.
:param name: The name of the virtual network to delete.
:param resource_group: The resource group name assigned to the
virtual network
CLI Example:
.. code-block:: bash
salt-call azurerm_network.virtual_network_delete testnet testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
vnet = netconn.virtual_networks.begin_delete(
virtual_network_name=name, resource_group_name=resource_group, polling=True
)
vnet.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def virtual_network_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific virtual network.
:param name: The name of the virtual network to query.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.virtual_network_get testnet testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
vnet = netconn.virtual_networks.get(
virtual_network_name=name, resource_group_name=resource_group
)
result = vnet.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def load_balancers_list_all(**kwargs):
"""
.. versionadded:: 2019.2.0
List all load balancers within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.load_balancers_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
load_balancers = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.load_balancers.list_all()
)
for load_balancer in load_balancers:
result[load_balancer["name"]] = load_balancer
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def load_balancers_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all load balancers within a resource group.
:param resource_group: The resource group name to list load balancers
within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.load_balancers_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
load_balancers = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.load_balancers.list(resource_group_name=resource_group)
)
for load_balancer in load_balancers:
result[load_balancer["name"]] = load_balancer
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def load_balancer_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific load balancer.
:param name: The name of the load balancer to query.
:param resource_group: The resource group name assigned to the
load balancer.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.load_balancer_get testlb testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
load_balancer = netconn.load_balancers.get(
load_balancer_name=name, resource_group_name=resource_group
)
result = load_balancer.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def load_balancer_create_or_update(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Create or update a load balancer within a specified resource group.
:param name: The name of the load balancer to create.
:param resource_group: The resource group name assigned to the
load balancer.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.load_balancer_create_or_update testlb testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
if isinstance(kwargs.get("frontend_ip_configurations"), list):
for idx in range(0, len(kwargs["frontend_ip_configurations"])):
# Use Public IP Address name to link to the ID of an existing Public IP
if "public_ip_address" in kwargs["frontend_ip_configurations"][idx]:
pub_ip = public_ip_address_get(
name=kwargs["frontend_ip_configurations"][idx]["public_ip_address"],
resource_group=resource_group,
**kwargs,
)
if "error" not in pub_ip:
kwargs["frontend_ip_configurations"][idx]["public_ip_address"] = {
"id": str(pub_ip["id"])
}
# Use Subnet name to link to the ID of an existing Subnet
elif "subnet" in kwargs["frontend_ip_configurations"][idx]:
vnets = virtual_networks_list(resource_group=resource_group, **kwargs)
if "error" not in vnets:
for vnet in vnets:
subnets = subnets_list(
virtual_network=vnet, resource_group=resource_group, **kwargs
)
if kwargs["frontend_ip_configurations"][idx]["subnet"] in subnets:
kwargs["frontend_ip_configurations"][idx]["subnet"] = {
"id": str(
subnets[kwargs["frontend_ip_configurations"][idx]["subnet"]][
"id"
]
)
}
break
id_url = "/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.Network/loadBalancers/{2}/{3}/{4}"
if isinstance(kwargs.get("load_balancing_rules"), list):
for idx in range(0, len(kwargs["load_balancing_rules"])):
# Link to sub-objects which might be created at the same time as the load balancer
if "frontend_ip_configuration" in kwargs["load_balancing_rules"][idx]:
kwargs["load_balancing_rules"][idx]["frontend_ip_configuration"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"frontendIPConfigurations",
kwargs["load_balancing_rules"][idx]["frontend_ip_configuration"],
)
}
if "backend_address_pool" in kwargs["load_balancing_rules"][idx]:
kwargs["load_balancing_rules"][idx]["backend_address_pool"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"backendAddressPools",
kwargs["load_balancing_rules"][idx]["backend_address_pool"],
)
}
if "probe" in kwargs["load_balancing_rules"][idx]:
kwargs["load_balancing_rules"][idx]["probe"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"probes",
kwargs["load_balancing_rules"][idx]["probe"],
)
}
if isinstance(kwargs.get("inbound_nat_rules"), list):
for idx in range(0, len(kwargs["inbound_nat_rules"])):
# Link to sub-objects which might be created at the same time as the load balancer
if "frontend_ip_configuration" in kwargs["inbound_nat_rules"][idx]:
kwargs["inbound_nat_rules"][idx]["frontend_ip_configuration"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"frontendIPConfigurations",
kwargs["inbound_nat_rules"][idx]["frontend_ip_configuration"],
)
}
if isinstance(kwargs.get("inbound_nat_pools"), list):
for idx in range(0, len(kwargs["inbound_nat_pools"])):
# Link to sub-objects which might be created at the same time as the load balancer
if "frontend_ip_configuration" in kwargs["inbound_nat_pools"][idx]:
kwargs["inbound_nat_pools"][idx]["frontend_ip_configuration"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"frontendIPConfigurations",
kwargs["inbound_nat_pools"][idx]["frontend_ip_configuration"],
)
}
if isinstance(kwargs.get("outbound_nat_rules"), list):
for idx in range(0, len(kwargs["outbound_nat_rules"])):
# Link to sub-objects which might be created at the same time as the load balancer
if "frontend_ip_configuration" in kwargs["outbound_nat_rules"][idx]:
kwargs["outbound_nat_rules"][idx]["frontend_ip_configuration"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"frontendIPConfigurations",
kwargs["outbound_nat_rules"][idx]["frontend_ip_configuration"],
)
}
if "backend_address_pool" in kwargs["outbound_nat_rules"][idx]:
kwargs["outbound_nat_rules"][idx]["backend_address_pool"] = {
"id": id_url.format(
kwargs.get("subscription_id"),
resource_group,
name,
"backendAddressPools",
kwargs["outbound_nat_rules"][idx]["backend_address_pool"],
)
}
try:
lbmodel = saltext.azurerm.utils.azurerm.create_object_model(
"network", "LoadBalancer", **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
load_balancer = netconn.load_balancers.begin_create_or_update(
resource_group_name=resource_group,
load_balancer_name=name,
parameters=lbmodel,
polling=True,
)
load_balancer.wait()
lb_result = load_balancer.result()
result = lb_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def load_balancer_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a load balancer.
:param name: The name of the load balancer to delete.
:param resource_group: The resource group name assigned to the
load balancer.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.load_balancer_delete testlb testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
load_balancer = netconn.load_balancers.begin_delete(
load_balancer_name=name, resource_group_name=resource_group, polling=True
)
load_balancer.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def usages_list(location, **kwargs):
"""
.. versionadded:: 2019.2.0
List subscription network usage for a location.
:param location: The Azure location to query for network usage.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.usages_list westus
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
result = saltext.azurerm.utils.azurerm.paged_object_to_list(netconn.usages.list(location))
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def network_interface_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a network interface.
:param name: The name of the network interface to delete.
:param resource_group: The resource group name assigned to the
network interface.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interface_delete test-iface0 testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nic = netconn.network_interfaces.begin_delete(
network_interface_name=name, resource_group_name=resource_group, polling=True
)
nic.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def network_interface_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific network interface.
:param name: The name of the network interface to query.
:param resource_group: The resource group name assigned to the
network interface.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interface_get test-iface0 testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nic = netconn.network_interfaces.get(
network_interface_name=name, resource_group_name=resource_group
)
result = nic.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def network_interface_create_or_update(
name, ip_configurations, subnet, virtual_network, resource_group, **kwargs
):
"""
.. versionadded:: 2019.2.0
Create or update a network interface within a specified resource group.
:param name: The name of the network interface to create.
:param ip_configurations: A list of dictionaries representing valid
NetworkInterfaceIPConfiguration objects. The 'name' key is required at
minimum. At least one IP Configuration must be present.
:param subnet: The name of the subnet assigned to the network interface.
:param virtual_network: The name of the virtual network assigned to the subnet.
:param resource_group: The resource group name assigned to the
virtual network.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interface_create_or_update test-iface0 [{'name': 'testipconfig1'}] \
testsubnet testnet testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
# Use NSG name to link to the ID of an existing NSG.
if kwargs.get("network_security_group"):
nsg = network_security_group_get(
name=kwargs["network_security_group"], resource_group=resource_group, **kwargs
)
if "error" not in nsg:
kwargs["network_security_group"] = {"id": str(nsg["id"])}
# Use VM name to link to the ID of an existing VM.
if kwargs.get("virtual_machine"):
vm_instance = __salt__["azurerm_compute.virtual_machine_get"](
name=kwargs["virtual_machine"], resource_group=resource_group, **kwargs
)
if "error" not in vm_instance:
kwargs["virtual_machine"] = {"id": str(vm_instance["id"])}
# Loop through IP Configurations and build each dictionary to pass to model creation.
if isinstance(ip_configurations, list):
subnet = subnet_get(
name=subnet, virtual_network=virtual_network, resource_group=resource_group, **kwargs
)
if "error" not in subnet:
subnet = {"id": str(subnet["id"])}
for ipconfig in ip_configurations:
if "name" in ipconfig:
ipconfig["subnet"] = subnet
if isinstance(ipconfig.get("application_gateway_backend_address_pools"), list):
# TODO: Add ID lookup for referenced object names
pass
if isinstance(ipconfig.get("load_balancer_backend_address_pools"), list):
pool_ids = []
for idx in range(0, len(ipconfig["load_balancer_backend_address_pools"])):
pool_dict = ipconfig["load_balancer_backend_address_pools"][idx]
if isinstance(pool_dict, dict):
if "id" in ipconfig["load_balancer_backend_address_pools"][idx]:
pool_id = ipconfig["load_balancer_backend_address_pools"][idx][
"id"
]
if is_valid_resource_id(pool_id):
# If the pool ID is valid, append it to the list of pool IDs
pool_ids.append({"id": pool_id})
else:
errmsg = "The provided Backend Pool ID is not a valid resource ID string."
log.error(errmsg)
elif all(
key in ipconfig["load_balancer_backend_address_pools"][idx]
for key in ("load_balancer_name", "backend_address_pool_name")
):
try:
lbbep_data = (
netconn.load_balancer_backend_address_pools.get(
resource_group_name=resource_group,
load_balancer_name=ipconfig[
"load_balancer_backend_address_pools"
][idx]["load_balancer_name"],
backend_address_pool_name=ipconfig[
"load_balancer_backend_address_pools"
][idx]["backend_address_pool_name"],
)
)
pool_ids.append({"id": lbbep_data.as_dict()["id"]})
except HttpResponseError as exc:
log.error("There was a cloud error: %s", str(exc))
except KeyError as exc:
log.error(
"There was an error getting the Backend Pool ID: %s",
str(exc),
)
else:
errmsg = "Backend Pool must be provided as a dictionay of \
a valid resource id or backend_address_pool_name and load_balancer_name."
log.error(errmsg)
ipconfig["load_balancer_backend_address_pools"] = pool_ids
if isinstance(ipconfig.get("load_balancer_inbound_nat_rules"), list):
# TODO: Add ID lookup for referenced object names
pass
if ipconfig.get("public_ip_address"):
pub_ip = public_ip_address_get(
name=ipconfig["public_ip_address"],
resource_group=resource_group,
**kwargs,
)
if "error" not in pub_ip:
ipconfig["public_ip_address"] = {"id": str(pub_ip["id"])}
# Make the Network Interface
try:
nicmodel = saltext.azurerm.utils.azurerm.create_object_model(
"network", "NetworkInterface", ip_configurations=ip_configurations, **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
interface = netconn.network_interfaces.begin_create_or_update(
resource_group_name=resource_group,
network_interface_name=name,
parameters=nicmodel,
polling=True,
)
interface.wait()
nic_result = interface.result()
result = nic_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def network_interfaces_list_all(**kwargs):
"""
.. versionadded:: 2019.2.0
List all network interfaces within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interfaces_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nics = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.network_interfaces.list_all()
)
for nic in nics:
result[nic["name"]] = nic
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def network_interfaces_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all network interfaces within a resource group.
:param resource_group: The resource group name to list network
interfaces within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interfaces_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nics = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.network_interfaces.list(resource_group_name=resource_group)
)
for nic in nics:
result[nic["name"]] = nic
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def network_interface_get_effective_route_table(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get all route tables for a specific network interface.
:param name: The name of the network interface to query.
:param resource_group: The resource group name assigned to the
network interface.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interface_get_effective_route_table test-iface0 testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nic = netconn.network_interfaces.begin_get_effective_route_table(
network_interface_name=name, resource_group_name=resource_group
)
nic.wait()
tables = nic.result()
tables = tables.as_dict()
result = tables["value"]
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def network_interface_list_effective_network_security_groups(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get all network security groups applied to a specific network interface.
:param name: The name of the network interface to query.
:param resource_group: The resource group name assigned to the
network interface.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.network_interface_list_effective_network_security_groups test-iface0 testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nic = netconn.network_interfaces.begin_list_effective_network_security_groups(
network_interface_name=name, resource_group_name=resource_group
)
nic.wait()
groups = nic.result()
groups = groups.as_dict()
result = groups["value"]
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def list_virtual_machine_scale_set_vm_network_interfaces(
scale_set, vm_index, resource_group, **kwargs
):
"""
.. versionadded:: 2019.2.0
Get information about all network interfaces in a specific virtual machine within a scale set.
:param scale_set: The name of the scale set to query.
:param vm_index: The virtual machine index.
:param resource_group: The resource group name assigned to the
scale set.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.list_virtual_machine_scale_set_vm_network_interfaces testset testvm testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nics = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.network_interfaces.list_virtual_machine_scale_set_vm_network_interfaces(
virtual_machine_scale_set_name=scale_set,
virtualmachine_index=vm_index,
resource_group_name=resource_group,
)
)
for nic in nics:
result[nic["name"]] = nic
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def list_virtual_machine_scale_set_network_interfaces(scale_set, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get information about all network interfaces within a scale set.
:param scale_set: The name of the scale set to query.
:param resource_group: The resource group name assigned to the
scale set.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.list_virtual_machine_scale_set_vm_network_interfaces testset testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nics = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.network_interfaces.list_virtual_machine_scale_set_network_interfaces(
virtual_machine_scale_set_name=scale_set,
resource_group_name=resource_group,
)
)
for nic in nics:
result[nic["name"]] = nic
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
# pylint: disable=invalid-name
[docs]
def get_virtual_machine_scale_set_network_interface(
name, scale_set, vm_index, resource_group, **kwargs
):
"""
.. versionadded:: 2019.2.0
Get information about a specific network interface within a scale set.
:param name: The name of the network interface to query.
:param scale_set: The name of the scale set containing the interface.
:param vm_index: The virtual machine index.
:param resource_group: The resource group name assigned to the
scale set.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.get_virtual_machine_scale_set_network_interface test-iface0 testset testvm testgroup
"""
expand = kwargs.get("expand")
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
nic = netconn.network_interfaces.list_virtual_machine_scale_set_vm_network_interfaces(
network_interface_name=name,
virtual_machine_scale_set_name=scale_set,
virtualmachine_index=vm_index,
resource_group_name=resource_group,
exapnd=expand,
)
result = nic.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def public_ip_address_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a public IP address.
:param name: The name of the public IP address to delete.
:param resource_group: The resource group name assigned to the
public IP address.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.public_ip_address_delete test-pub-ip testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
pub_ip = netconn.public_ip_addresses.begin_delete(
public_ip_address_name=name, resource_group_name=resource_group, polling=True
)
pub_ip.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def public_ip_address_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific public IP address.
:param name: The name of the public IP address to query.
:param resource_group: The resource group name assigned to the
public IP address.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.public_ip_address_get test-pub-ip testgroup
"""
expand = kwargs.get("expand")
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
pub_ip = netconn.public_ip_addresses.get(
public_ip_address_name=name,
resource_group_name=resource_group,
expand=expand,
)
result = pub_ip.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def public_ip_address_create_or_update(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Create or update a public IP address within a specified resource group.
:param name: The name of the public IP address to create.
:param resource_group: The resource group name assigned to the
public IP address.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.public_ip_address_create_or_update test-ip-0 testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
pub_ip_model = saltext.azurerm.utils.azurerm.create_object_model(
"network", "PublicIPAddress", **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
ip = netconn.public_ip_addresses.begin_create_or_update(
resource_group_name=resource_group,
public_ip_address_name=name,
parameters=pub_ip_model,
polling=True,
)
ip.wait()
ip_result = ip.result()
result = ip_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def public_ip_addresses_list_all(**kwargs):
"""
.. versionadded:: 2019.2.0
List all public IP addresses within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.public_ip_addresses_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
pub_ips = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.public_ip_addresses.list_all()
)
for ip in pub_ips:
result[ip["name"]] = ip
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def public_ip_addresses_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all public IP addresses within a resource group.
:param resource_group: The resource group name to list public IP
addresses within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.public_ip_addresses_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
pub_ips = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.public_ip_addresses.list(resource_group_name=resource_group)
)
for ip in pub_ips:
result[ip["name"]] = ip
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_filter_rule_delete(name, route_filter, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a route filter rule.
:param name: The route filter rule to delete.
:param route_filter: The route filter containing the rule.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_rule_delete test-rule test-filter testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rule = netconn.route_filter_rules.delete(
resource_group_name=resource_group,
route_filter_name=route_filter,
rule_name=name,
)
rule.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def route_filter_rule_get(name, route_filter, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific route filter rule.
:param name: The route filter rule to query.
:param route_filter: The route filter containing the rule.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_rule_get test-rule test-filter testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rule = netconn.route_filter_rules.get(
resource_group_name=resource_group,
route_filter_name=route_filter,
rule_name=name,
)
result = rule.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_filter_rule_create_or_update(
name, access, communities, route_filter, resource_group, **kwargs
):
"""
.. versionadded:: 2019.2.0
Create or update a rule within a specified route filter.
:param name: The name of the rule to create.
:param access: The access type of the rule. Valid values are 'Allow' and 'Deny'.
:param communities: A list of BGP communities to filter on.
:param route_filter: The name of the route filter containing the rule.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_rule_create_or_update \
test-rule allow "['12076:51006']" test-filter testgroup
"""
if not isinstance(communities, list):
log.error("The communities parameter must be a list of strings!")
return False
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rule_model = saltext.azurerm.utils.azurerm.create_object_model(
"network", "RouteFilterRule", access=access, communities=communities, **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
rule = netconn.route_filter_rules.create_or_update(
resource_group_name=resource_group,
route_filter_name=route_filter,
rule_name=name,
route_filter_rule_parameters=rule_model,
)
rule.wait()
rule_result = rule.result()
result = rule_result.as_dict()
except HttpResponseError as exc:
message = str(exc)
if kwargs.get("subscription_id") == str(message).strip():
message = "Subscription not authorized for this operation!"
saltext.azurerm.utils.azurerm.log_cloud_error("network", message, **kwargs)
result = {"error": message}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def route_filter_rules_list(route_filter, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all routes within a route filter.
:param route_filter: The route filter to query.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_rules_list test-filter testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rules = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.route_filter_rules.list_by_route_filter(
resource_group_name=resource_group, route_filter_name=route_filter
)
)
for rule in rules:
result[rule["name"]] = rule
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_filter_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a route filter.
:param name: The name of the route filter to delete.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_delete test-filter testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
route_filter = netconn.route_filters.delete(
route_filter_name=name, resource_group_name=resource_group
)
route_filter.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def route_filter_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific route filter.
:param name: The name of the route table to query.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_get test-filter testgroup
"""
expand = kwargs.get("expand")
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
route_filter = netconn.route_filters.get(
route_filter_name=name, resource_group_name=resource_group, expand=expand
)
result = route_filter.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_filter_create_or_update(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Create or update a route filter within a specified resource group.
:param name: The name of the route filter to create.
:param resource_group: The resource group name assigned to the
route filter.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filter_create_or_update test-filter testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rt_filter_model = saltext.azurerm.utils.azurerm.create_object_model(
"network", "RouteFilter", **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
rt_filter = netconn.route_filters.create_or_update(
resource_group_name=resource_group,
route_filter_name=name,
route_filter_parameters=rt_filter_model,
)
rt_filter.wait()
rt_result = rt_filter.result()
result = rt_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def route_filters_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all route filters within a resource group.
:param resource_group: The resource group name to list route
filters within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filters_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
filters = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.route_filters.list_by_resource_group(resource_group_name=resource_group)
)
for route_filter in filters:
result[route_filter["name"]] = route_filter
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_filters_list_all(**kwargs):
"""
.. versionadded:: 2019.2.0
List all route filters within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_filters_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
filters = saltext.azurerm.utils.azurerm.paged_object_to_list(netconn.route_filters.list())
for route_filter in filters:
result[route_filter["name"]] = route_filter
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_delete(name, route_table, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a route from a route table.
:param name: The route to delete.
:param route_table: The route table containing the route.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_delete test-rt test-rt-table testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
route = netconn.routes.begin_delete(
resource_group_name=resource_group,
route_table_name=route_table,
route_name=name,
polling=True,
)
route.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def route_get(name, route_table, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific route.
:param name: The route to query.
:param route_table: The route table containing the route.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_get test-rt test-rt-table testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
route = netconn.routes.get(
resource_group_name=resource_group,
route_table_name=route_table,
route_name=name,
)
result = route.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_create_or_update(
name,
address_prefix,
next_hop_type,
route_table,
resource_group,
next_hop_ip_address=None,
**kwargs,
):
"""
.. versionadded:: 2019.2.0
Create or update a route within a specified route table.
:param name: The name of the route to create.
:param address_prefix: The destination CIDR to which the route applies.
:param next_hop_type: The type of Azure hop the packet should be sent to. Possible values are:
'VirtualNetworkGateway', 'VnetLocal', 'Internet', 'VirtualAppliance', and 'None'.
:param next_hop_ip_address: Optional IP address to which packets should be forwarded. Next hop
values are only allowed in routes where the next_hop_type is 'VirtualAppliance'.
:param route_table: The name of the route table containing the route.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_create_or_update test-rt '10.0.0.0/8' test-rt-table testgroup
"""
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rt_model = saltext.azurerm.utils.azurerm.create_object_model(
"network",
"Route",
address_prefix=address_prefix,
next_hop_type=next_hop_type,
next_hop_ip_address=next_hop_ip_address,
**kwargs,
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
route = netconn.routes.begin_create_or_update(
resource_group_name=resource_group,
route_table_name=route_table,
route_name=name,
route_parameters=rt_model,
)
route.wait()
rt_result = route.result()
result = rt_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def routes_list(route_table, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all routes within a route table.
:param route_table: The route table to query.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.routes_list test-rt-table testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
routes = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.routes.list(resource_group_name=resource_group, route_table_name=route_table)
)
for route in routes:
result[route["name"]] = route
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_table_delete(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Delete a route table.
:param name: The name of the route table to delete.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_table_delete test-rt-table testgroup
"""
result = False
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
table = netconn.route_tables.begin_delete(
route_table_name=name, resource_group_name=resource_group, polling=True
)
table.wait()
result = True
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
return result
[docs]
def route_table_get(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Get details about a specific route table.
:param name: The name of the route table to query.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_table_get test-rt-table testgroup
"""
expand = kwargs.get("expand")
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
table = netconn.route_tables.get(
route_table_name=name, resource_group_name=resource_group, expand=expand
)
result = table.as_dict()
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_table_create_or_update(name, resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
Create or update a route table within a specified resource group.
:param name: The name of the route table to create.
:param resource_group: The resource group name assigned to the
route table.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_table_create_or_update test-rt-table testgroup
"""
if "location" not in kwargs:
rg_props = __salt__["azurerm_resource.resource_group_get"](resource_group, **kwargs)
if "error" in rg_props:
log.error("Unable to determine location from resource group specified.")
return False
kwargs["location"] = rg_props["location"]
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
rt_tbl_model = saltext.azurerm.utils.azurerm.create_object_model(
"network", "RouteTable", **kwargs
)
except TypeError as exc:
result = {"error": f"The object model could not be built. ({str(exc)})"}
return result
try:
table = netconn.route_tables.begin_create_or_update(
resource_group_name=resource_group,
route_table_name=name,
parameters=rt_tbl_model,
polling=True,
)
table.wait()
tbl_result = table.result()
result = tbl_result.as_dict()
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
except SerializationError as exc:
result = {"error": f"The object model could not be parsed. ({str(exc)})"}
return result
[docs]
def route_tables_list(resource_group, **kwargs):
"""
.. versionadded:: 2019.2.0
List all route tables within a resource group.
:param resource_group: The resource group name to list route
tables within.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_tables_list testgroup
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
tables = saltext.azurerm.utils.azurerm.paged_object_to_list(
netconn.route_tables.list(resource_group_name=resource_group)
)
for table in tables:
result[table["name"]] = table
except (ResourceNotFoundError, HttpResponseError) as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result
[docs]
def route_tables_list_all(**kwargs):
"""
.. versionadded:: 2019.2.0
List all route tables within a subscription.
CLI Example:
.. code-block:: bash
salt-call azurerm_network.route_tables_list_all
"""
result = {}
netconn = saltext.azurerm.utils.azurerm.get_client("network", **kwargs)
try:
tables = saltext.azurerm.utils.azurerm.paged_object_to_list(netconn.route_tables.list_all())
for table in tables:
result[table["name"]] = table
except HttpResponseError as exc:
saltext.azurerm.utils.azurerm.log_cloud_error("network", str(exc), **kwargs)
result = {"error": str(exc)}
return result