thalesgroup.ciphertrust.cckm_gcp_workspace_cse module – CCKM module for GCP Workspace CSE
Note
This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).
To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust
.
To use it in a playbook, specify: thalesgroup.ciphertrust.cckm_gcp_workspace_cse
.
New in thalesgroup.ciphertrust 1.0.0
Synopsis
This is a Thales CipherTrust Manager module for working with the CipherTrust Manager APIs, more specifically with CCKM for GCP Workspace CSE
Parameters
Parameter |
Comments |
---|---|
List of supported audience for authentication JWT. |
|
List of supported audience for authorization JWT. |
|
List of CORS (Cross-Origin Resource Sharing) to support. |
|
Set true to skip persisting the issuer. All the same validation checks, auto-discovery, and connectivity checks will be performed, and the server will return the same status codes and response body. It can be used to test creating the issuer without modifying the server state. Default value is set to False. Choices:
|
|
ID of KACLS endpoint for Google Workspace CSE to be acted upon |
|
Operation to be performed on KACLS endpoint for Google Workspace CSE Choices:
|
|
Endpoint base url hostname for KACLS endpoint. |
|
Issuer claim of IDP JWT, e.g. https://dev-abc.auth.com |
|
List of trusted issuer IDs to use with this endpoint. These are managed through the /GoogleWorkspaceCSE/issuers URL. If not specified, all the issuers will be trusted. |
|
JWKS url for IDP, e.g. https://dev-abc.auth.com/.well-known/jwks.json |
|
this holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM) holds IP/FQDN of the server, username, password, and port |
|
admin password of CM |
|
CM Server IP or FQDN |
|
Port on which CM server is listening Default: |
|
internal or private IP of the CM Server, if different from the server_ip |
|
admin username of CM |
|
if SSL verification is required Choices:
|
|
Additional information associated with the issuer. |
|
Unique name for the KACLS issuer. |
|
Operation to be performed Choices:
|
|
IDP configuration URL, e.g. https://dev-abc.auth.com/.well-known/openid-configuration |
|
The perimeter ID to encrypt with the key |
|
PEM encoded PKCS#1 or PKCS#8 (unencrypted) RSA Private Key. |
Examples
- name: "Create GCP Workspace CSE"
thalesgroup.ciphertrust.cckm_gcp_workspace_cse:
localNode:
server_ip: "IP/FQDN of CipherTrust Manager"
server_private_ip: "Private IP in case that is different from above"
server_port: 5432
user: "CipherTrust Manager Username"
password: "CipherTrust Manager Password"
verify: false
op_type: create