thalesgroup.ciphertrust.domain_save module – Create or manage domains
Note
This module is part of the thalesgroup.ciphertrust collection (version 1.0.0).
To install it, use: ansible-galaxy collection install thalesgroup.ciphertrust
.
To use it in a playbook, specify: thalesgroup.ciphertrust.domain_save
.
New in thalesgroup.ciphertrust 1.0.0
Synopsis
This is a Thales CipherTrust Manager module for working with the CipherTrust Manager APIs, more specifically with domains management API
Parameters
Parameter |
Comments |
---|---|
List of administrators for the domain Default: |
|
To allow user creation and management in the domain, set it to true Choices:
|
|
HSM connection ID pertaining to the domain KEK Default: |
|
Label of the target domain KEK Default: |
|
The ID of the HSM connection. Required for HSM-anchored domains. Default: |
|
Optional name field for the domain KEK for an HSM-anchored domain. If not provided, a random UUID is assigned for KEK label. Default: |
|
Identifier of the domain to be patched |
|
this holds the connection parameters required to communicate with an instance of CipherTrust Manager (CM) holds IP/FQDN of the server, username, password, and port |
|
admin password of CM |
|
CM Server IP or FQDN |
|
Port on which CM server is listening Default: |
|
internal or private IP of the CM Server, if different from the server_ip |
|
admin username of CM |
|
if SSL verification is required Choices:
|
|
Optional end-user or service data stored with the domain. |
|
The name of the domain Default: |
|
Operation to be performed Choices:
|
|
This optional parameter is the ID or URI of the parent domain’s CA. This CA is used for signing the default CA of a newly created sub-domain. The oldest CA in the parent domain is used if this value is not supplied. Default: |
Examples
- name: "Create Domain"
thalesgroup.ciphertrust.domain_save:
localNode:
server_ip: "IP/FQDN of CipherTrust Manager"
server_private_ip: "Private IP in case that is different from above"
server_port: 5432
user: "CipherTrust Manager Username"
password: "CipherTrust Manager Password"
verify: false
op_type: create
admins:
- local|4d1c26ab-8730-4d44-af5c-9a8641d0266d
- local|c7cf4efc-df81-4446-a30e-2dd5badf44b4
name: AnsibleDomain
parent_ca_id: a5e0fa8a-a7f7-434c-ade8-f84de040269a
- name: "Patch Domain"
thalesgroup.ciphertrust.domain_save:
localNode:
server_ip: "IP/FQDN of CipherTrust Manager"
server_private_ip: "Private IP in case that is different from above"
server_port: 5432
user: "CipherTrust Manager Username"
password: "CipherTrust Manager Password"
verify: false
op_type: patch
domain_id: "ID_STRING"
connection_id: "ID_STRING"