thalesgroup.ciphertrust.connection_manager_azure module – Manage connections to the Azure cloud
Note
This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).
To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust
.
To use it in a playbook, specify: thalesgroup.ciphertrust.connection_manager_azure
.
New in thalesgroup.ciphertrust 1.0.0
Synopsis
This is a Thales CipherTrust Manager module for working with the CipherTrust Manager APIs, more specifically with Connection Manager API for Azure
Parameters
Parameter |
Comments |
---|---|
Azure stack active directory authority URL Default: |
|
Azure stack connection type Default: |
|
Azure stack server certificate Default: |
|
Duration in days for which the azure certificate is valid, default (730 i.e. 2 Years) Default: |
|
User has the option to upload external certificate for Azure Cloud connection. This option cannot be used with option is_certificate_used and client_secret.User first has to generate a new Certificate Signing Request (CSR) in POST /v1/connectionmgmt/connections/csr. The generated CSR can be signed with any internal or external CA. The Certificate must have an RSA key strength of 2048 or 4096. User can also update the new external certificate in the existing connection in Update (PATCH) API call. Any unused certificate will automatically deleted in 24 hours. Default: |
|
Unique Identifier (client ID) for the Azure application Default: |
|
Secret key for the Azure application. Required in Azure Stack connection. Default: |
|
Name of the cloud Default: |
|
Unique ID of the connection to be updated Default: |
|
Description about the connection Default: |
|
User has the option to choose the Certificate Authentication method instead of Client Secret for Azure Cloud connection. In order to use the Certificate, set it to true. Once the connection is created, in the response user will get a certificate. By default, the certificate is valid for 2 Years. User can update the certificate in the existing connection by setting it to true in Update (PATCH) API call. Choices:
|
|
Azure stack key vault dns suffix Default: |
|
this holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM) holds IP/FQDN of the server, username, password, and port |
|
admin password of CM |
|
CM Server IP or FQDN |
|
Port on which CM server is listening Default: |
|
internal or private IP of the CM Server, if different from the server_ip |
|
admin username of CM |
|
if SSL verification is required Choices:
|
|
Azure stack management URL Default: |
|
Optional end-user or service data stored with the connection |
|
Unique connection name Default: |
|
Operation to be performed Choices:
|
|
Array of the CipherTrust products associated with the connection. Default: |
|
Azure stack resource manager URL Default: |
|
Tenant ID of the Azure application Default: |
|
Azure stack vault service resource URL Default: |
Examples
- name: "Create Azure Connection"
thalesgroup.ciphertrust.connection_manager_azure:
localNode:
server_ip: "IP/FQDN of CipherTrust Manager"
server_private_ip: "Private IP in case that is different from above"
server_port: 5432
user: "CipherTrust Manager Username"
password: "CipherTrust Manager Password"
verify: false
op_type: create
name: azure-connection
products:
- cckm
client_secret: 3bf0dbe6-a2c7-431d-9a6f-4843b74c71285nfjdu2
cloud_name: AzureCloud
client_id: 3bf0dbe6-a2c7-431d-9a6f-4843b74c7e12
tenant_id: 3bf0dbe6-a2c7-431d-9a6f-4843b74c71285nfjdu2
- name: "Update Azure Connection"
thalesgroup.ciphertrust.connection_manager_azure:
localNode:
server_ip: "IP/FQDN of CipherTrust Manager"
server_private_ip: "Private IP in case that is different from above"
server_port: 5432
user: "CipherTrust Manager Username"
password: "CipherTrust Manager Password"
verify: false
op_type: patch