Add support manual_private_link_service_connections to azure_rm_privateendpoint.py

plugins/modules/azure_rm_privateendpoint.py

@@ -40,6 +40,26 @@
                 description:
                     - The ID of the subnet from which the private IP will be allocated.
                 type: str
+    manual_private_link_service_connections:
+        description:
+            - A grouping of information about the connection to the remote resource.
+            - Used when the network admin does not have access to approve connections to the remote resource.
+        type: list
+        elements: dict
+        suboptions:
+            name:
+                description:
+                    - The name of the resource that is unique within a resource group.
+                type: str
+            private_link_service_id:
+                description:
+                    - The resource id of the private endpoint to connect to.
+                type: str
+            group_ids:
+                description:
+                    - The ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to.
+                type: list
+                elements: str
     private_link_service_connections:
         description:
             - A grouping of information about the connection to the remote resource.
@@ -155,6 +175,12 @@
                 returned: always
                 type: str
                 sample: "/subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/fredtestRG-vnet/subnets/default"
+            manual_private_link_service_connections:
+                description:
+                    - The resource id of the private endpoint to connect.
+                returned: always
+                type: list
+                sample: ["/subscriptions/xxx/resourceGroups/myRG/providers/Microsoft.Network/privateEndpoints/point/privateLinkServiceConnections/point02",]
             private_link_service_connections:
                 description:
                     - The resource id of the private endpoint to connect.
@@ -183,6 +209,13 @@
 )
 
 
+manual_private_service_connection_spec = dict(
+    name=dict(type='str'),
+    private_link_service_id=dict(type='str'),
+    group_ids=dict(type='list', elements='str')
+)
+
+
 private_service_connection_spec = dict(
     name=dict(type='str'),
     private_link_service_id=dict(type='str'),
@@ -210,6 +243,7 @@ def __init__(self):
             location=dict(type='str'),
             subnet=dict(type='dict', options=subnet_spec),
             private_link_service_connections=dict(type='list', elements='dict', options=private_service_connection_spec),
+            manual_private_link_service_connections=dict(type='list', elements='dict', options=manual_private_service_connection_spec),
         )
 
         self.resource_group = None
@@ -224,10 +258,12 @@ def __init__(self):
             state=dict()
         )
         self.to_do = Actions.NoAction
+        mutually_exclusive = [['private_link_service_connections', 'manual_private_link_service_connections']]
 
         super(AzureRMPrivateEndpoint, self).__init__(self.module_arg_spec,
                                                      supports_tags=True,
-                                                     supports_check_mode=True)
+                                                     supports_check_mode=True,
+                                                     mutually_exclusive=mutually_exclusive)
 
     def exec_module(self, **kwargs):
 
@@ -329,6 +365,11 @@ def private_endpoints_to_dict(self, privateendpoint):
             results['private_link_service_connections'] = []
             for connections in privateendpoint.private_link_service_connections:
                 results['private_link_service_connections'].append(dict(private_link_service_id=connections.private_link_service_id, name=connections.name))
+        if privateendpoint.manual_private_link_service_connections and len(privateendpoint.manual_private_link_service_connections) > 0:
+            results['manual_private_link_service_connections'] = []
+            for connections in privateendpoint.manual_private_link_service_connections:
+                results['manual_private_link_service_connections'].append(dict(
+                    private_link_service_id=connections.private_link_service_id, name=connections.name))
 
         return results
 

plugins/modules/azure_rm_privateendpoint_info.py

@@ -67,7 +67,7 @@
         id:
             description:
                 - Resource ID of the private endpoint.
-            sample: /subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/privateEndpoints/testprivateendpoint
+            sample: /subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/privateEndpoints/ped01
             returned: always
             type: str
         etag:
@@ -105,29 +105,73 @@
                 - Name of the private endpoint.
             returned: always
             type: str
-            sample: estprivateendpoint
+            sample: ped01
         subnets_id:
             description:
                 - Subnets associated with the virtual network.
             returned: always
             type: str
             sample: "/subscriptions/xxx-xxx-xxx/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/fredtestRG-vnet/subnets/default"
+        manual_private_link_service_connections:
+            description:
+                - The resource id of the private endpoint to connect.
+            returned: when-used
+            type: complex
+            contains:
+                id:
+                    description:
+                        - The resource id of the private endpoint to connect.
+                    returned: always
+                    type: str
+                    sample: "/subscriptions/xxx/resourceGroups/testRG/providers/Microsoft.Network/privateEndpoints/ped01/privateLinkServiceConnections/ped01"
+                name:
+                    description:
+                        - The name of the private endpoint connection.
+                    returned: always
+                    type: str
+                    sample: ped_name01
+                connection_state:
+                    description:
+                        - State details of endpoint connection
+                    type: complex
+                    returned: always
+                    contains:
+                        description:
+                            description:
+                                - The reason for approval/rejection of the connection.
+                            returned: always
+                            type: str
+                            sample: "Auto Approved"
+                        status:
+                            description:
+                                - Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service.
+                            returned: always
+                            type: str
+                            sample: Approved
+                        actions_required:
+                            description:
+                                - A message indicating if changes on the service provider require any updates on the consumer.
+                            type: str
+                            returned: always
+                            sample: "This is action_required string"
         private_link_service_connections:
             description:
                 - The resource id of the private endpoint to connect.
-            returned: always
+            returned: when-used
             type: complex
             contains:
                 id:
                     description:
                         - The resource id of the private endpoint to connect.
                     returned: always
                     type: str
+                    sample: "/subscriptions/xxx/resourceGroups/testRG/providers/Microsoft.Network/privateEndpoints/ped01/privateLinkServiceConnections/ped02"
                 name:
                     description:
                         - The name of the private endpoint connection.
                     returned: always
                     type: str
+                    sample: ped_name02
                 connection_state:
                     description:
                         - State details of endpoint connection
@@ -291,7 +335,16 @@ def privateendpoints_to_dict(self, privateendpoint):
         if privateendpoint.manual_private_link_service_connections and len(privateendpoint.manual_private_link_service_connections) > 0:
             results['manual_private_link_service_connections'] = []
             for connections in privateendpoint.manual_private_link_service_connections:
-                results['manual_private_link_service_connections'].append(connections.id)
+                connection = {}
+                connection['connection_state'] = {}
+                connection['id'] = connections.id
+                connection['name'] = connections.name
+                connection['type'] = connections.type
+                connection['group_ids'] = connections.group_ids
+                connection['connection_state']['status'] = connections.manual_private_link_service_connection_state.status
+                connection['connection_state']['description'] = connections.manual_private_link_service_connection_state.description
+                connection['connection_state']['actions_required'] = connections.manual_private_link_service_connection_state.actions_required
+                results['manual_private_link_service_connections'].append(connection)
         return results
 
 

tests/integration/targets/azure_rm_privateendpoint/tasks/main.yml

@@ -34,7 +34,7 @@
           - westus
   register: subnet_output
 
-- name: Create instance of PostgreSQL Server
+- name: Create instance of PostgreSQL Server --- first
   azure_rm_postgresqlserver:
     resource_group: "{{ resource_group }}"
     name: postgresqlsrv{{ rpfx }}
@@ -48,6 +48,20 @@
     admin_password: "{{ password }}"
   register: post_output
 
+- name: Create instance of PostgreSQL Server --- secondary
+  azure_rm_postgresqlserver:
+    resource_group: "{{ resource_group }}"
+    name: "postgresqlsrv{{ rpfx }}02"
+    sku:
+      name: GP_Gen5_2
+      tier: GeneralPurpose
+    location: eastus
+    storage_mb: 51200
+    enforce_ssl: true
+    admin_username: zimxyz
+    admin_password: "{{ password }}"
+  register: post_output02
+
 - name: Delete private endpoint, makesure there is no private endpoint exist
   azure_rm_privateendpoint:
     name: privateendpoint{{ rpfx }}
@@ -134,6 +148,31 @@
       - output.privateendpoints[0].provisioning_state == "Succeeded"
       - output.privateendpoints[0].tags | length == 2
 
+- name: Create secondary private endpoint with manual_private_link_service_connections parameters
+  azure_rm_privateendpoint:
+    name: "privateendpoint{{ rpfx }}02"
+    resource_group: "{{ resource_group }}"
+    manual_private_link_service_connections:
+      - name: privateEndpoints_test_name02
+        private_link_service_id: "{{ post_output02.id }}"
+        group_ids:
+          - postgresqlServer
+    subnet:
+      id: "{{ subnet_output.state.id }}"
+  register: output
+
+- name: Assert the secondary private endpoint created
+  ansible.builtin.assert:
+    that:
+      - output.changed
+
+- name: Delete the secondary private endpoint
+  azure_rm_privateendpoint:
+    name: "privateendpoint{{ rpfx }}02"
+    resource_group: "{{ resource_group }}"
+    state: absent
+  register: output
+
 - name: Delete private endpoint
   azure_rm_privateendpoint:
     name: privateendpoint{{ rpfx }}