community / community.general / 8.5.0 / module / consul_binding_rule Manipulate Consul binding rules | "added in version" 8.3.0 of community.general" Authors: Florian Apolloner (@apollo13)community.general.consul_binding_rule (8.5.0) — module
Install with ansible-galaxy collection install community.general:==8.5.0
collections: - name: community.general version: 8.5.0
Allows the addition, modification and deletion of binding rules in a consul cluster via the agent. For more details on using and configuring binding rules, see U(https://developer.hashicorp.com/consul/api-docs/acl/binding-rules).
- name: Create a binding rule community.general.consul_binding_rule: name: my_name description: example rule auth_method: minikube bind_type: service bind_name: "{{ serviceaccount.name }}" token: "{{ consul_management_token }}"
- name: Remove a binding rule community.general.consul_binding_rule: name: my_name auth_method: minikube state: absent
host: default: localhost description: - Host of the consul agent, defaults to V(localhost). type: str name: description: - Specifies a name for the binding rule. - 'Note: This is used to identify the binding rule. But since the API does not support a name, it is prefixed to the description.' required: true type: str port: default: 8500 description: - The port on which the consul agent is running. type: int state: choices: - present - absent default: present description: - Whether the binding rule should be present or absent. type: str token: description: - The token to use for authorization. type: str scheme: default: http description: - The protocol scheme on which the consul agent is running. Defaults to V(http) and can be set to V(https) for secure connections. type: str ca_path: description: - The CA bundle to use for https connections type: str selector: description: - Specifies the expression used to match this rule against valid identities returned from an auth method validation. - If empty this binding rule matches all valid identities returned from the auth method. type: str bind_name: description: - The name to bind to a token at login-time. - What it binds to can be adjusted with different values of the O(bind_type) parameter. type: str bind_type: choices: - service - node - role - templated-policy description: - Specifies the way the binding rule affects a token created at login. type: str bind_vars: description: - Specifies the templated policy variables when O(bind_type) is set to V(templated-policy). type: dict auth_method: description: - The name of the auth method that this rule applies to. required: true type: str description: description: - Free form human readable description of the binding rule. type: str validate_certs: default: true description: - Whether to verify the TLS certificate of the consul agent. type: bool
binding_rule: description: The binding rule as returned by the consul HTTP API. returned: always sample: AuthMethod: minikube BindName: '{{ serviceaccount.name }}' BindType: service CreateIndex: 30 Description: 'my_name: example rule' ID: 59c8a237-e481-4239-9202-45f117950c5f ModifyIndex: 33 Selector: serviceaccount.namespace==default type: dict operation: description: The operation performed. returned: changed sample: update type: str