thalesgroup.ciphertrust.connection_manager_aws module – Manage connections to the AWS cloud

Note

This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).

To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust.

To use it in a playbook, specify: thalesgroup.ciphertrust.connection_manager_aws.

New in thalesgroup.ciphertrust 1.0.0

Synopsis

  • This is a Thales CipherTrust Manager module for working with the CipherTrust Manager APIs, specifically the Connection Manager API for AWS.

Parameters

Parameter

Comments

access_key_id

string / required

Key ID of the AWS user

Default: "none"

assume_role_arn

string

AWS IAM role ARN

Default: "none"

assume_role_external_id

string

AWS role external ID

Default: "none"

aws_region

string

AWS region. Only used when aws_sts_regional_endpoints is set to regional; otherwise, default values are taken according to the Cloud Name given.

Default: "none"

aws_sts_regional_endpoints

string

By default, AWS Security Token Service (AWS STS) is available as a global service, and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com. Global requests map to the US East (N. Virginia) Region. AWS recommends using Regional AWS STS endpoints instead of the global endpoint to reduce latency, build in redundancy, and increase session token validity.

Default: "none"

cloud_name

string

Name of the cloud

Default: "none"

connection_id

string

Unique ID of the connection to be updated

Default: "none"

description

string

Description of the connection

Default: "none"

localNode

dictionary / required

Connection parameters required to communicate with an instance of CipherTrust Manager (CM).

Holds the IP/FQDN of the server, username, password, and port. The entries from password through verify that follow are its suboptions.

password

string / required

Admin password of CM

server_ip

string / required

CM Server IP or FQDN

server_port

integer / required

Port on which CM server is listening

Default: 5432

server_private_ip

string / required

Internal or private IP of the CM server, if different from server_ip

user

string / required

Admin username of CM

verify

boolean / required

Whether SSL verification is required

Choices:

  • false ← (default)

  • true

meta

dictionary

Optional end-user or service data stored with the connection

name

string / required

Unique connection name

Default: "none"

op_type

string / required

Operation to be performed

Choices:

  • "create"

  • "patch"

products

list / elements=string

Array of the CipherTrust products associated with the connection.

secret_access_key

string / required

Secret associated with the access key ID of the AWS user

Default: "none"

Examples

- name: "Create AWS Connection"
  thalesgroup.ciphertrust.connection_manager_aws:
    # Connection details for the CipherTrust Manager (CM) instance
    localNode:
      server_ip: "IP/FQDN of CipherTrust Manager"
      server_private_ip: "Private IP in case that is different from above"
      server_port: 5432
      user: "CipherTrust Manager Username"
      password: "CipherTrust Manager Password"
      verify: false  # false means SSL verification of the CM server is not required
    op_type: create
    name: aws-connection
    # CipherTrust products associated with the connection
    products:
      - cckm
    # Credentials of the AWS user
    access_key_id: "Sample ID"
    secret_access_key: "Sample Secret"
    cloud_name: aws

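- name: "Update AWS Connection"
  thalesgroup.ciphertrust.connection_manager_aws:
    # Connection details for the CipherTrust Manager (CM) instance
    localNode:
      server_ip: "IP/FQDN of CipherTrust Manager"
      server_private_ip: "Private IP in case that is different from above"
      server_port: 5432
      user: "CipherTrust Manager Username"
      password: "CipherTrust Manager Password"
      verify: false  # false means SSL verification of the CM server is not required
    op_type: patch
    # Unique ID of the connection to be updated (placeholder value)
    connection_id: "ID of the connection to update"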
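
A variant of the create task that uses the role-assumption and regional STS parameters from the table, with SSL verification enabled and secrets read from variables instead of written inline. This playbook is an added illustration, not taken from the collection's documentation. The vault.yml file and every vault_* variable name are hypothetical, and the role ARN and region are constructed sample values.

```yaml
# Added example. vault.yml and the vault_* variables are hypothetical;
# they are expected to live in a file encrypted with ansible-vault.
- name: Create AWS connection that assumes an IAM role
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - vault.yml
  tasks:
    - name: "Create AWS Connection (assume role, regional STS)"
      thalesgroup.ciphertrust.connection_manager_aws:
        localNode:
          server_ip: "{{ vault_cm_host }}"
          server_private_ip: "{{ vault_cm_private_ip }}"
          server_port: 5432
          user: "{{ vault_cm_user }}"
          password: "{{ vault_cm_password }}"
          verify: true  # require SSL verification of the CM server
        op_type: create
        name: aws-connection-assume-role
        description: "Connection that assumes an IAM role via regional STS"
        products:
          - cckm
        cloud_name: aws
        # Credentials of the AWS user, kept out of the playbook source
        access_key_id: "{{ vault_aws_access_key_id }}"
        secret_access_key: "{{ vault_aws_secret_access_key }}"
        # Constructed sample ARN; replace with the role the connection assumes
        assume_role_arn: "arn:aws:iam::123456789012:role/ExampleCckmRole"
        assume_role_external_id: "{{ vault_aws_external_id }}"
        # aws_region is only used when the STS endpoints are regional
        aws_sts_regional_endpoints: regional
        aws_region: us-east-1  # constructed sample region
      no_log: true  # keep the CM password and AWS secret out of task output
```

Run it with `ansible-playbook --ask-vault-pass` (or a vault password file) so the encrypted variables can be decrypted at run time.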

Authors

  • Anurag Jain, Developer Advocate Thales Group