/ home / abaez / abaez.hashicluster / 1.9.100 / module / consul_acl_role

abaez.hashicluster.consul_acl_role (1.9.100) — module

Consul ACL role management for v1.5.0

| "added in version" N/A of abaez.hashicluster"

Authors: Alejandro Baez (@abaez)

preview | supported by community

Install collection

Install with ansible-galaxy collection install abaez.hashicluster:==1.9.100

Add to requirements.yml

  collections:
    - name: abaez.hashicluster
      version: 1.9.100

Description

The module is to allow the ability to add an acl role for consul.

Uses the new format introduced to consul on v1.5.0.

For more information over consul's role acl, go here: https://www.consul.io/api/acl/roles.html

Requirements

consulate
requests
requests_unixsocket (when using unix sockets)

Usage examples

Scanned by Steampunk Spotter

# Pass in a message
- name: Test with a message
  consul_acl_policy:
    name: hello world

Scanned by Steampunk Spotter

# pass in a message and have changed true
- name: Test with a message and changed output
  consul_acl_policy:
    name: hello world
    new: true

Scanned by Steampunk Spotter

# fail the module
- name: Test failure of the module
  consul_acl_policy:
    name: fail me

Inputs

    
name:
    description:
    - A unique name of the role you wish to create or modify.
    - Required when C(state=present)
    required: false
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Whether the role should be present or absent from consul
    required: false
    type: str

address:
    default: The environment variable CONSUL_HTTP_ADDR
    description:
    - The url to connect to consul. Using '<schema>//<domain>:<port>'.
    - For a unix domain socket, give 'unix:' with literal location.
    - 'Example: ''unix:///var/run/consul/http.sock''.'
    required: true
    type: str

role_id:
    description:
    - A UUID of an already existing role.
    - You must define when modifying an existing role.
    required: false
    type: str

policies:
    description:
    - A list of PolicyLink (a map with ID or Name of the token).
    - 'See the consul API for examples of a PolicyLink: https://www.consul.io/api/acl/roles.html#policies'
    required: false
    type: list()

description:
    description:
    - A readable short description of the role.
    required: false
    type: str

management_token:
    default: The environment variable CONSUL_HTTP_TOKEN
    description:
    - A token with permissions to create or modify the role.
    required: true
    type: str

service_identities:
    description:
    - A list of services to filter the token.
    - The list contains only ServiceIdenty (a map with ServiceName for the service).
    - 'See the Consul API for example of a ServiceIdentity: https://www.consul.io/api/acl/roles.html#serviceidentities'
    required: false
    type: list()

Outputs

changed:
  description: Whether the role has been created or modified.
  returned: always
  type: bool
description:
  description: A short description of the role.
  returned: success and I(status) != "absent
  type: str
policies:
  description: A policy list given by 'Name' or 'ID' of role.
  returned: success
  sample:
  - Name: some_policy
  - ID: 5d23a68c-323e-4559-b2dc-6d07b82301af
role_id:
  description: A UUID for the given role.
  returned: success
  sample: a2ec332f-04cf-6fba-e8b8-acf62444d3da
  type: str
service_identities:
  description: A list of services to filter use for role.
  returned: changed
  sample:
  - ServiceIdentity: web
  - ServiceIdentities:
    - dc1
    ServiceIdentity: db1
  type: list()