Azure (ARM) DNS State Module
New in version 3000.
Warning: This cloud provider will be removed from Salt in version 3007 in favor of the saltext.azurerm Salt Extension.
Maturity: new
Depends:
    azure >= 2.0.0
    azure-common >= 1.1.8
    azure-mgmt >= 1.0.0
    azure-mgmt-compute >= 1.0.0
    azure-mgmt-dns >= 1.0.1
    azure-mgmt-network >= 1.7.1
    azure-mgmt-resource >= 1.1.0
    azure-mgmt-storage >= 1.0.0
    azure-mgmt-web >= 0.32.0
    azure-storage >= 0.34.3
    msrestazure >= 0.4.21
Platform: linux
This module requires Azure Resource Manager credentials to be passed as a dictionary of keyword arguments to the connection_auth parameter in order to work properly. Since the authentication parameters are sensitive, it's recommended to pass them to the states via pillar.
Required provider parameters:
    if using username and password:
        subscription_id
        username
        password
    if using a service principal:
        subscription_id
        tenant
        client_id
        secret
Optional provider parameters:
    cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:
        AZURE_PUBLIC_CLOUD (default)
        AZURE_CHINA_CLOUD
        AZURE_US_GOV_CLOUD
        AZURE_GERMAN_CLOUD
Example Pillar for Azure Resource Manager authentication:
    azurearm:
        user_pass_auth:
            subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
            username: fletch
            password: 123pass
        mysubscription:
            subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
            tenant: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
            client_id: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
            secret: XXXXXXXXXXXXXXXXXXXXXXXX
            cloud_environment: AZURE_PUBLIC_CLOUD

Example states using Azure Resource Manager authentication:
    {% set profile = salt['pillar.get']('azurearm:mysubscription') %}
    Ensure DNS zone exists:
        azurearm_dns.zone_present:
            - name: contoso.com
            - resource_group: my_rg
            - tags:
                how_awesome: very
                contact_name: Elmer Fudd Gantry
            - connection_auth: {{ profile }}

    Ensure DNS record set exists:
        azurearm_dns.record_set_present:
            - name: web
            - zone_name: contoso.com
            - resource_group: my_rg
            - record_type: A
            - ttl: 300
            - arecords:
              - ipv4_address: 10.0.0.1
            - tags:
                how_awesome: very
                contact_name: Elmer Fudd Gantry
            - connection_auth: {{ profile }}

    Ensure DNS record set is absent:
        azurearm_dns.record_set_absent:
            - name: web
            - zone_name: contoso.com
            - resource_group: my_rg
            - record_type: A
            - connection_auth: {{ profile }}

    Ensure DNS zone is absent:
        azurearm_dns.zone_absent:
            - name: contoso.com
            - resource_group: my_rg
            - connection_auth: {{ profile }}
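The required and optional provider parameters listed above can be checked before a state run, so that an incomplete or mixed profile is caught early. The following is an added example, not part of Salt or of the original page; the function names and the SAMPLE pillar data are constructed for illustration.

```python
# Added example (not Salt code): check connection_auth profiles against the
# parameter lists on this page. Function names and SAMPLE are constructed.
USER_PASS = {"subscription_id", "username", "password"}
SERVICE_PRINCIPAL = {"subscription_id", "tenant", "client_id", "secret"}
CLOUD_ENVIRONMENTS = {
    "AZURE_PUBLIC_CLOUD", "AZURE_CHINA_CLOUD",
    "AZURE_US_GOV_CLOUD", "AZURE_GERMAN_CLOUD",
}

def check_profile(profile):
    """Return a list of problems; messages name keys, never secret values."""
    present = {k for k, v in profile.items() if v not in (None, "")}
    uses_user = present & {"username", "password"}
    uses_sp = present & {"tenant", "client_id", "secret"}
    problems = []
    if uses_user and uses_sp:
        problems.append("mixes username/password and service principal keys")
        required = {"subscription_id"}
    elif uses_sp:
        required = SERVICE_PRINCIPAL
    elif uses_user:
        required = USER_PASS
    else:
        problems.append("no username/password or service principal keys")
        required = {"subscription_id"}
    problems += ["missing required parameter: " + k
                 for k in sorted(required - present)]
    # AZURE_PUBLIC_CLOUD is the documented default when the key is omitted.
    env = profile.get("cloud_environment", "AZURE_PUBLIC_CLOUD")
    if env not in CLOUD_ENVIRONMENTS:
        problems.append("unknown cloud_environment: " + str(env))
    return problems

def check_pillar(azurearm):
    """Map each profile name under the azurearm pillar key to its problems."""
    return {name: check_profile(auth) for name, auth in azurearm.items()}

# Constructed pillar data; values are placeholders, not real credentials.
SAMPLE = {
    "user_pass_auth": {"subscription_id": "sub-placeholder",
                       "username": "fletch", "password": "placeholder"},
    "mysubscription": {"subscription_id": "sub-placeholder",
                       "tenant": "tenant-placeholder",
                       "client_id": "client-placeholder",
                       "secret": "placeholder",
                       "cloud_environment": "AZURE_PUBLIC_CLOUD"},
    "broken": {"subscription_id": "sub-placeholder",
               "client_id": "client-placeholder",
               "cloud_environment": "AZURE_GOV"},
}
```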
New in version 3000.
Ensure a record set does not exist in the DNS zone.
name -- Name of the record set.
zone_name -- Name of the DNS zone.
resource_group -- The resource group assigned to the DNS zone.
connection_auth -- A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.
New in version 3000.
Ensure a record set exists in a DNS zone.
name -- The name of the record set, relative to the name of the zone.
zone_name -- Name of the DNS zone (without a terminating dot).
resource_group -- The resource group assigned to the DNS zone.
record_type -- The type of DNS record in this record set. Record sets of type SOA can be updated but not created (they are created when the DNS zone is created). Possible values include: 'A', 'AAAA', 'CAA', 'CNAME', 'MX', 'NS', 'PTR', 'SOA', 'SRV', 'TXT'
if_match -- The etag of the record set. Omit this value to always overwrite the current record set. Specify the last-seen etag value to prevent accidentally overwriting any concurrent changes.
if_none_match -- Set to '*' to allow a new record set to be created, but to prevent updating an existing record set. Other values will be ignored.
etag -- The etag of the record set. Etags are used to handle concurrent changes to the same resource safely.
metadata -- A dictionary of strings can be passed as tag metadata to the record set object.
ttl -- The TTL (time-to-live) of the records in the record set. Required when specifying record information.
arecords -- The list of A records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
aaaa_records -- The list of AAAA records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
mx_records -- The list of MX records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
ns_records -- The list of NS records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
ptr_records -- The list of PTR records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
srv_records -- The list of SRV records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
txt_records -- The list of TXT records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
cname_record -- The CNAME record in the record set. View the Azure SDK documentation to create a dictionary representing the record object.
soa_record -- The SOA record in the record set. View the Azure SDK documentation to create a dictionary representing the record object.
caa_records -- The list of CAA records in the record set. View the Azure SDK documentation to create a list of dictionaries representing the record objects.
connection_auth -- A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.
Example usage:
    Ensure record set exists:
        azurearm_dns.record_set_present:
            - name: web
            - zone_name: contoso.com
            - resource_group: my_rg
            - record_type: A
            - ttl: 300
            - arecords:
              - ipv4_address: 10.0.0.1
            - metadata:
                how_awesome: very
                contact_name: Elmer Fudd Gantry
            - connection_auth: {{ profile }}
New in version 3000.
Ensure a DNS zone does not exist in the resource group.
name -- Name of the DNS zone.
resource_group -- The resource group assigned to the DNS zone.
connection_auth -- A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.
New in version 3000.
Ensure a DNS zone exists.
name -- Name of the DNS zone (without a terminating dot).
resource_group -- The resource group assigned to the DNS zone.
etag -- The etag of the zone. Etags are used to handle concurrent changes to the same resource safely.
if_match -- The etag of the DNS zone. Omit this value to always overwrite the current zone. Specify the last-seen etag value to prevent accidentally overwriting any concurrent changes.
if_none_match -- Set to '*' to allow a new DNS zone to be created, but to prevent updating an existing zone. Other values will be ignored.
registration_virtual_networks -- A list of references to virtual networks that register hostnames in this DNS zone. This applies only when zone_type is Private. (requires azure-mgmt-dns >= 2.0.0rc1)
resolution_virtual_networks -- A list of references to virtual networks that resolve records in this DNS zone. This applies only when zone_type is Private. (requires azure-mgmt-dns >= 2.0.0rc1)
tags -- A dictionary of strings can be passed as tag metadata to the DNS zone object.
zone_type -- (requires azure-mgmt-dns >= 2.0.0rc1)
connection_auth -- A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.
Example usage:
    Ensure DNS zone exists:
        azurearm_dns.zone_present:
            - name: contoso.com
            - resource_group: my_rg
            - zone_type: Private
            - registration_virtual_networks:
              - /subscriptions/{{ sub }}/resourceGroups/my_rg/providers/Microsoft.Network/virtualNetworks/test_vnet
            - tags:
                how_awesome: very
                contact_name: Elmer Fudd Gantry
            - connection_auth: {{ profile }}
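The if_match and if_none_match parameters described for both record_set_present and zone_present protect a record set or zone from being silently overwritten by a concurrent change. The following added example, which is not Salt or Azure SDK code, models those rules with an in-memory store; the Store class, its etag format and the demo data are constructed for illustration.

```python
# Added example (not Salt or Azure SDK code): in-memory model of the
# if_match / if_none_match rules documented for record sets and zones.
import itertools

class PreconditionFailed(Exception):
    """A conditional write was refused; the stored object is unchanged."""

class Store:
    def __init__(self):
        self._objects = {}                  # key -> (etag, value)
        self._serial = itertools.count(1)

    def get(self, key):
        return self._objects.get(key)

    def put(self, key, value, if_match=None, if_none_match=None):
        current = self._objects.get(key)
        # if_none_match '*' means create-only; other values are ignored.
        if if_none_match == "*" and current is not None:
            raise PreconditionFailed("object already exists")
        # if_match must equal the stored etag. Treating a missing object
        # as a mismatch is an assumption of this model.
        if if_match is not None and (current is None or current[0] != if_match):
            raise PreconditionFailed("etag does not match")
        etag = "etag-%d" % next(self._serial)   # every write gets a new etag
        self._objects[key] = (etag, value)
        return etag

def attempt(store, key, value, **conditions):
    """Try a write and report whether the store accepted it."""
    try:
        store.put(key, value, **conditions)
        return "written"
    except PreconditionFailed:
        return "rejected"

def demo():
    store, key = Store(), ("contoso.com", "web", "A")
    seen = store.put(key, ["10.0.0.1"], if_none_match="*")   # initial create
    store.put(key, ["10.0.0.2"])       # concurrent change by another writer
    result = {
        "stale_if_match": attempt(store, key, ["10.0.0.3"], if_match=seen),
        "create_only": attempt(store, key, ["10.0.0.4"], if_none_match="*"),
    }
    result["after_rejections"] = store.get(key)[1]
    fresh = store.get(key)[0]          # re-read the etag, then retry
    result["fresh_if_match"] = attempt(store, key, ["10.0.0.3"], if_match=fresh)
    result["final"] = store.get(key)[1]
    return result
```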