thalesgroup.ciphertrust.connection_manager_scp module – Manage SCP connections to external systems

Note

This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).

To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust.

To use it in a playbook, specify: thalesgroup.ciphertrust.connection_manager_scp.

New in thalesgroup.ciphertrust 1.0.0

Synopsis

  • This is a Thales CipherTrust Manager module for working with the CipherTrust Manager APIs, more specifically with Connection Manager API for SCP

Parameters

Parameter

Comments

auth_method

string

Authentication type for SCP. Accepted values are “key” or “password”

Default: "none"

connection_id

string

Unique ID of the connection to be updated

Default: "none"

description

string

Description about the connection

Default: "none"

host

string

Hostname or FQDN of SCP

Default: "none"

localNode

dictionary / required

this holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM)

holds IP/FQDN of the server, username, password, and port

password

string / required

admin password of CM

server_ip

string / required

CM Server IP or FQDN

server_port

integer / required

Port on which CM server is listening

Default: 5432

server_private_ip

string / required

internal or private IP of the CM Server, if different from the server_ip

user

string / required

admin username of CM

verify

boolean / required

if SSL verification is required

Choices:

  • false ← (default)

  • true

meta

dictionary

Optional end-user or service data stored with the connection

name

string / required

Unique connection name

Default: "none"

op_type

string / required

Operation to be performed

Choices:

  • "create"

  • "patch"

password

string

Password for SCP

Default: "none"

path_to

string

A path where the file to be copied via SCP. Example “/home/ubuntu/datafolder/”

Default: "none"

port

string

Port where SCP service runs on host (usually 22)

Default: "none"

products

list / elements=string

Array of the CipherTrust products associated with the connection.

Default: ["none"]

public_key

string

Public key of destination host machine. It will be used to verify the host’s identity by verifying key fingerprint. You can find it in /etc/ssh/ at host machine.

Default: "none"

username

string

Username for accessing SCP

Default: "none"

Examples

- name: "Create SCP Connection"
  thalesgroup.ciphertrust.connection_manager_scp:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: create
    name: "Syslog Connection"
    products:
      - backup/restore
    host: 1.2.3.4
    port: 22
    username: user
    auth_method: Password
    password: password
    path_to: "/home/path/to/directory/"
    public_key: "key"

- name: "Update SCP Connection"
  thalesgroup.ciphertrust.connection_manager_scp:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: patch

Authors

  • Anurag Jain, Developer Advocate Thales Group