community.general.consul_auth_method (8.5.0) — module

Manipulate Consul auth methods

Added in version 8.3.0 of community.general

Authors: Florian Apolloner (@apollo13)

Install collection

Install with ansible-galaxy collection install community.general:==8.5.0


Add to requirements.yml

  collections:
    - name: community.general
      version: 8.5.0

Description

Allows the addition, modification and deletion of auth methods in a Consul cluster via the agent. For more details on using and configuring ACLs, see https://www.consul.io/docs/guides/acl.html.

Usage examples

- name: Create an auth method
  community.general.consul_auth_method:
    name: test
    type: jwt
    config:
      jwt_validation_pubkeys:
        - |
          -----BEGIN PUBLIC KEY-----
          MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo
          4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u
          +qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyeh
          kd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ
          0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdg
          cKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbc
          mwIDAQAB
          -----END PUBLIC KEY-----
    token: "{{ consul_management_token }}"
- name: Delete auth method
  community.general.consul_auth_method:
    name: test
    state: absent
    token: "{{ consul_management_token }}"
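
The tasks above rely on the module defaults, so the request carrying the management token goes to the agent over plain http. The playbook below is an added example, not part of the collection's documentation: it sets the TLS, TTL and locality options from the Inputs section explicitly and keeps the token out of task output. The method name, host, port, file paths and variable names are assumptions.

```yaml
# Added example. Names, host, port and paths are assumptions, not module defaults.
- name: Manage a JWT auth method over TLS with short-lived local tokens
  hosts: localhost
  gather_facts: false
  vars:
    consul_ca_bundle: /etc/consul.d/tls/ca.pem    # assumed CA bundle location
  tasks:
    - name: Create or update the auth method
      community.general.consul_auth_method:
        name: ci-jwt                              # assumed method name
        type: jwt                                 # immutable once created
        description: JWT logins for CI jobs
        config:
          jwt_validation_pubkeys:
            # Read the PEM public key from a file instead of inlining it
            - "{{ lookup('ansible.builtin.file', 'files/ci-jwt-pub.pem') }}"
        max_token_ttl: 5m                         # cap the lifetime of issued tokens
        token_locality: local                     # tokens stay in the local datacenter
        host: consul.example.internal             # assumed agent address
        port: 8501                                # assumed HTTPS listener port
        scheme: https                             # default is http
        ca_path: "{{ consul_ca_bundle }}"
        validate_certs: true
        token: "{{ consul_management_token }}"
      no_log: true                                # keep the token out of logs and output
      register: result

    - name: Report what the module did
      ansible.builtin.debug:
        # 'operation' is only returned when something changed
        msg: "{{ result.auth_method.Name }}: {{ result.operation | default('unchanged') }}"
```

Store `consul_management_token` in Ansible Vault or another secret store rather than in plain inventory variables.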

Inputs

    
host:
    default: localhost
    description:
    - Host of the consul agent, defaults to V(localhost).
    type: str

name:
    description:
    - Specifies a name for the ACL auth method.
    - The name can contain alphanumeric characters, dashes C(-), and underscores C(_).
    required: true
    type: str

port:
    default: 8500
    description:
    - The port on which the consul agent is running.
    type: int

type:
    choices:
    - kubernetes
    - jwt
    - oidc
    - aws-iam
    description:
    - The type of auth method being configured.
    - This field is immutable.
    - Required when the auth method is created.
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Whether the auth method should be present or absent.
    type: str

token:
    description:
    - The token to use for authorization.
    type: str

config:
    description:
    - The raw configuration to use for the chosen auth method.
    - Contents will vary depending upon the type chosen.
    - Required when the auth method is created.
    type: dict

scheme:
    default: http
    description:
    - The protocol scheme on which the consul agent is running. Defaults to V(http) and
      can be set to V(https) for secure connections.
    type: str

ca_path:
    description:
    - The CA bundle to use for HTTPS connections.
    type: str

description:
    description:
    - Free form human readable description of the auth method.
    type: str

display_name:
    description:
    - An optional name to use instead of O(name) when displaying information about this
      auth method.
    type: str

max_token_ttl:
    description:
    - This specifies the maximum life of any token created by this auth method.
    - Can be specified in the form of V(60s) or V(5m) (that is, 60 seconds or 5 minutes,
      respectively).
    type: str

token_locality:
    choices:
    - local
    - global
    description:
    - Defines the kind of token that this auth method should produce.
    type: str

validate_certs:
    default: true
    description:
    - Whether to verify the TLS certificate of the consul agent.
    type: bool

Outputs

auth_method:
  description: The auth method as returned by the consul HTTP API.
  returned: always
  sample:
    Config:
      JWTValidationPubkeys:
      - '-----BEGIN PUBLIC KEY-----

        MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo

        4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u

        +qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyeh

        kd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ

        0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdg

        cKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbc

        mwIDAQAB

        -----END PUBLIC KEY-----'
    CreateIndex: 416
    ModifyIndex: 487
    Name: test
    Type: jwt
  type: dict
operation:
  description: The operation performed.
  returned: changed
  sample: update
  type: str