thalesgroup.ciphertrust.cte_csi_storage_group module – Manage CTE CSI Storage Group

Note

This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).

To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust.

To use it in a playbook, specify: thalesgroup.ciphertrust.cte_csi_storage_group.

New in thalesgroup.ciphertrust 1.0.0

Synopsis

  • Define and manage CipherTrust Transparent Encryption (CTE) Container Storage Interface (CSI) storage groups, and add guard policies and clients to them.

  • This allows an administrator to apply data protection/reveal based on the client or the guard points.

Parameters

Parameter

Comments

client_id

string

Identifier of the client added to the CSI Group

client_list

list / elements=string

List of identifiers of clients to be associated with the client group. This identifier can be the name or UUID.

client_profile

string

Optional Client Profile for the storage group. If not provided, the default profile will be used.

description

string

Optional description for the storage group

gp_id

string

Identifier of the guard point added to the CSI Group

guard_enabled

boolean

Enable or disable the GuardPolicy. Set to true to enable, false to disable.

Choices:

  • false

  • true

id

string

Identifier of the CTE CSI Storage Group to be patched

k8s_namespace

string

Name of the K8s namespace

k8s_storage_class

string

Name of the K8s StorageClass

localNode

dictionary / required

Holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM).

Includes the IP/FQDN of the server, username, password, and port.

password

string / required

Admin password of CM

server_ip

string / required

CM Server IP or FQDN

server_port

integer / required

Port on which CM server is listening

Default: 5432

server_private_ip

string / required

Internal or private IP of the CM Server, if different from the server_ip

user

string / required

Admin username of CM

verify

boolean / required

Whether SSL verification is required

Choices:

  • false ← (default)

  • true

name

string

Name to uniquely identify the CSI storage group. This name will be visible on the CipherTrust Manager

op_type

string / required

Operation to be performed

Choices:

  • "create"

  • "patch"

  • "add_client"

  • "remove_client"

  • "add_guard_point"

  • "patch_guard_point"

  • "remove_guard_point"

policy_list

list / elements=string

List of CSI policy identifiers to be associated with the storage group. This identifier can be the name or UUID.

Examples

- name: "Create CSI Storage Group"
  thalesgroup.ciphertrust.cte_csi_storage_group:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: create
    name: AnsibleCSI_SG_1
    k8s_namespace: AnsibleK8s_NS_1
    k8s_storage_class: AnsibleK8s_SC_1
    description: "Test CSIStorageGroup"
    client_profile: DefaultClientProfile
  register: csi_sg

- name: "Edit CSI Storage Group"
  thalesgroup.ciphertrust.cte_csi_storage_group:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: patch  # editing an existing group identified by id uses the patch operation
    id: "{{ csi_sg['response']['id'] }}"
    description: "Test CSIStorageGroup Updated"
    client_profile: DefaultClientProfile

- name: "Add clients to the CSI Storage Group"
  thalesgroup.ciphertrust.cte_csi_storage_group:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: add_client
    id: "{{ csi_sg['response']['id'] }}"
    client_list:
      - Client1
      - Client2

- name: "Add guard policies to the CSI Storage Group"
  thalesgroup.ciphertrust.cte_csi_storage_group:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: add_guard_point
    id: "{{ csi_sg['response']['id'] }}"
    policy_list:
      - CSI_Policy_1
      - CSI_Policy_2
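
The examples above pass the CipherTrust Manager password as a literal and set verify: false. As an added example (not part of the collection's documentation), the same operations with the credentials read from an Ansible Vault file and certificate verification enabled. The names cm_host, cm_private_ip, vault_cm_user, vault_cm_password and vault.yml, and the choice of hosts: localhost, are assumptions.

```yaml
# Added example, not from the collection docs. cm_host, cm_private_ip,
# vault_cm_user, vault_cm_password and vault.yml are assumed names.
- name: Manage a CTE CSI storage group over verified TLS
  hosts: localhost              # assumption: module runs on the control node
  gather_facts: false
  vars_files:
    - vault.yml                 # assumed file, encrypted with ansible-vault
  vars:
    cm_connection:              # defined once, reused as localNode below
      server_ip: "{{ cm_host }}"
      server_private_ip: "{{ cm_private_ip }}"
      server_port: 5432
      user: "{{ vault_cm_user }}"
      password: "{{ vault_cm_password }}"
      verify: true              # validate the CM server certificate
  tasks:
    - name: Stop if certificate verification has been overridden to false
      ansible.builtin.assert:
        that: cm_connection.verify | bool
        fail_msg: "localNode.verify must be true"

    - name: Create CSI Storage Group
      thalesgroup.ciphertrust.cte_csi_storage_group:
        localNode: "{{ cm_connection }}"
        op_type: create
        name: AnsibleCSI_SG_1
        k8s_namespace: AnsibleK8s_NS_1
        k8s_storage_class: AnsibleK8s_SC_1
        client_profile: DefaultClientProfile
      no_log: true              # precaution: localNode carries the password
      register: csi_sg

    - name: Add clients to the CSI Storage Group
      thalesgroup.ciphertrust.cte_csi_storage_group:
        localNode: "{{ cm_connection }}"
        op_type: add_client
        id: "{{ csi_sg['response']['id'] }}"
        client_list:
          - Client1
      no_log: true

    - name: Add guard policies to the CSI Storage Group
      thalesgroup.ciphertrust.cte_csi_storage_group:
        localNode: "{{ cm_connection }}"
        op_type: add_guard_point
        id: "{{ csi_sg['response']['id'] }}"
        policy_list:
          - CSI_Policy_1
      no_log: true
```

With verify: true the tasks fail unless the CM certificate chains to a CA trusted on the machine running the module. no_log: true also hides error details, so remove it temporarily when debugging in a non-production environment.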

Authors

  • Anurag Jain, Developer Advocate Thales Group