thalesgroup.ciphertrust.cckm_az_certificate module – CCKM module for Azure Certificates

Note

This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).

To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust.

To use it in a playbook, specify: thalesgroup.ciphertrust.cckm_az_certificate.

New in thalesgroup.ciphertrust 1.0.0

Synopsis

  • This is a Thales CipherTrust Manager module for working with the CipherTrust Manager APIs, specifically the CCKM for Azure Certificates API.

Parameters

| Parameter | Type | Comments |
|---|---|---|
| attributes | dictionary | Secret attributes to be updated. |
| azure_param | dictionary | Azure certificate parameters. |
| caid | string | ID or name of the certificate authority. |
| cert_name | string | Name for the certificate on Azure. Certificate names can only contain alphanumeric characters and hyphens (-). |
| certificate_id | string | Azure Certificate ID to be acted upon. |
| certificate_op_type | string | Action to be performed on the certificate. Choices: "soft-delete", "hard-delete", "restore", "recover". |
| job_id | string | Sync Job ID to be updated. |
| key_vault | string | ID or name of the Azure vault where the certificate will be created. |
| key_vaults | list / elements=string | Name or ID of key vaults from which Azure secrets will be synchronized. synchronize_all and key_vaults are mutually exclusive. Specify either synchronize_all or key_vaults. |
| localNode | dictionary / required | Holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM): IP/FQDN of the server, username, password, and port. |
| localNode/password | string / required | Admin password of CM. |
| localNode/server_ip | string / required | CM Server IP or FQDN. |
| localNode/server_port | integer / required | Port on which the CM server is listening. Default: 5432 |
| localNode/server_private_ip | string / required | Internal or private IP of the CM Server, if different from the server_ip. |
| localNode/user | string / required | Admin username of CM. |
| localNode/verify | boolean / required | Whether SSL verification is required. Choices: false ← (default), true. |
| op_type | string / required | Operation to be performed. Choices: "create", "update", "certificate_op", "create-sync-job", "cancel-sync-job", "import". |
| password | string | Password of the private key, if encrypted. |
| private_key_pem | string | Private key in PEM format. |
| source_cert_identifier | string | ID of the certificate that will be imported into the Azure vault. |
| synchronize_all | boolean | Set true to synchronize all certificates from all vaults. synchronize_all and key_vaults are mutually exclusive. Specify either synchronize_all or key_vaults. |
| tags | dictionary | Application-specific metadata in the form of key-value pairs. |

Examples

- name: "Create Azure Certificate"
  thalesgroup.ciphertrust.cckm_az_certificate:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: create
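
The playbook below is an added example, not part of the collection's own documentation. It shows a sync job created with `verify: true` and with the CM admin credentials read from an Ansible Vault file instead of being written into the play. The variable names, vault file path, host name and key vault name are assumptions, the pairing of `create-sync-job` with `key_vaults` / `synchronize_all` is inferred from the parameter descriptions above, and the CM server certificate is assumed to chain to a CA the control node trusts.

```yaml
---
# Added example: variable names, file paths and sample values are hypothetical;
# module options are the ones listed in the Parameters table.
- name: Create a CCKM Azure certificate sync job over verified TLS
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    # Encrypted with ansible-vault; defines cm_admin_user and cm_admin_password.
    - vault/cm_credentials.yml
  vars:
    cm_node:
      server_ip: "cm.example.internal"          # constructed sample FQDN
      server_private_ip: "cm.example.internal"
      server_port: 5432
      user: "{{ cm_admin_user }}"
      password: "{{ cm_admin_password }}"
      verify: true                              # validate the CM server certificate
    sync_all: false
    sync_vaults:
      - "example-key-vault"                     # constructed sample vault name

  tasks:
    - name: Enforce that exactly one sync scope is selected
      ansible.builtin.assert:
        that:
          - (sync_all | bool) != (sync_vaults | length > 0)
        fail_msg: "Set either synchronize_all or key_vaults, not both."

    - name: Sync certificates from the listed key vaults
      thalesgroup.ciphertrust.cckm_az_certificate:
        localNode: "{{ cm_node }}"
        op_type: create-sync-job
        key_vaults: "{{ sync_vaults }}"
      no_log: true    # keeps task arguments, including the admin password, out of output
      when: not (sync_all | bool)

    - name: Sync certificates from all key vaults
      thalesgroup.ciphertrust.cckm_az_certificate:
        localNode: "{{ cm_node }}"
        op_type: create-sync-job
        synchronize_all: true
      no_log: true
      when: sync_all | bool
```

Run it with `--ask-vault-pass` or a vault password file so the credentials are decrypted only at run time.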

Authors

  • Anurag Jain, Developer Advocate Thales Group