evertrust.horizon.horizon_lookup (1.3.0) — lookup

Horizon lookup plugin

Authors: Evertrust R&D (@EverTrust)

Install collection

Install with ansible-galaxy collection install evertrust.horizon:==1.3.0


Add to requirements.yml

  collections:
    - name: evertrust.horizon
      version: 1.3.0

Description

Retrieve a certificate's information from Horizon.

Inputs

    
fields:
    choices:
    - _id
    - certificate
    - discoveredTrusted
    - dn
    - holderId
    - issuer
    - keyType
    - labels
    - metadata
    - module
    - notAfter
    - notBefore
    - owner
    - profile
    - revocationDate
    - revocationReason
    - serial
    - signingAlgorithm
    - subjectAlternateNames
    - thirdPartyData
    description:
    - Fields to be retrieved from Horizon.
    - If omitted, all fields will be returned.
    elements: string
    type: list

endpoint:
    description:
    - Your Horizon instance base endpoint.
    - It must include the protocol (https://) and must not include a trailing slash or a path.
    required: true
    type: str

x_api_id:
    description:
    - Horizon identifier
    - Required if you use credentials authentication
    required: false
    type: str

ca_bundle:
    description:
    - Path to a CA bundle used to validate the Horizon instance's TLS (SSL) certificate.
    required: false
    type: path

x_api_key:
    description:
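    - Horizon password
    - Required if you use credentials authentication
    - This value is a secret; supply it from Ansible Vault or another secret store rather than hard-coding it in a playbook or inventory.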
    required: false
    type: str

client_key:
    description:
    - Path to the private key of the client certificate.
    - Required if you use certificate based authentication
    - The key file should be readable only by the user running Ansible.
    required: false
    type: path

client_cert:
    description:
    - Path of a client certificate.
    - Required if you use certificate based authentication
    required: false
    type: path

certificate_pem:
    description:
    - A certificate in PEM format, or the path to the certificate PEM file.
    required: false
    suboptions:
      src:
        description: The path to a certificate PEM file
        required: false
        type: path
    type: str

Outputs

_id:
  description: Horizon internal certificate ID.
  returned: If specifically requested.
  type: str
certificate:
  description: Certificate in PEM format.
  returned: If specifically requested.
  type: str
crlSynchronized:
  description: True if the revocation status was reconciled from the CRL
  returned: If present and specifically requested.
  type: bool
discoveredTrusted:
  description:
  - True if the certificate was discovered and trusted.
  - False if the certificate was discovered but is not trusted.
  - Absent if the certificate was not discovered.
  returned: If present and specifically requested.
  type: bool
discoveryData:
  contains:
    hostnames:
      description: Host hostnames.
      elements: str
      returned: If present.
      type: list
    ip:
      description: Host IP address
      returned: Always.
      type: string
    operatingSystems:
      description: Host operating systems
      elements: str
      returned: If present.
      type: list
    paths:
      description: Host paths.
      elements: str
      returned: If present.
      type: list
    tlsPorts:
      contains:
        port:
          description: Port number.
          returned: Always.
          type: int
        version:
          description: TLS version.
          returned: Always.
          type: string
      description: Host TLS ports.
      elements: dict
      returned: If present.
      type: list
    usages:
      description: Certificate usages.
      elements: str
      returned: If present.
      type: list
  description: Certificate discovery data.
  elements: dict
  returned: Only if the certificate was discovered.
  type: list
discoveryInfo:
  contains:
    campaign:
      description: Campaign name.
      returned: Always.
      type: string
    identifier:
      description: Horizon user that discovered the certificate.
      returned: If present.
      type: str
    lastDiscoveryDate:
      description: Last discovery date (UNIX timestamp in millis).
      returned: Always.
      type: int
  description: Certificate's discovery info
  elements: dict
  returned: If present and specifically requested
  type: list
dn:
  description: Certificate DN.
  returned: If specifically requested.
  type: str
holderId:
  description: Certificate holder ID.
  returned: If specifically requested.
  type: str
issuer:
  description: Certificate issuer DN.
  returned: If specifically requested.
  type: str
keyType:
  description: Certificate key type.
  returned: If specifically requested.
  type: str
labels:
  contains:
    key:
      description: Label key
      returned: Always.
      type: string
    value:
      description: Label value
      returned: Always.
      type: string
  description: Certificate labels.
  elements: dict
  returned: If present and specifically requested.
  type: list
metadata:
  contains:
    key:
      description: Metadata key
      returned: Always.
      type: string
    value:
      description: Metadata value
      returned: Always.
      type: string
  description: Certificate metadata.
  elements: dict
  returned: If specifically requested.
  type: list
module:
  description: Certificate module.
  returned: If specifically requested.
  type: str
notAfter:
  description: Certificate expiration date (UNIX timestamp in millis).
  returned: If specifically requested.
  type: int
notBefore:
  description: Certificate issuance date (UNIX timestamp in millis).
  returned: If specifically requested.
  type: int
owner:
  description: Certificate's owner.
  returned: If specifically requested.
  type: str
profile:
  description: Certificate profile.
  returned: If present and specifically requested.
  type: str
publicKeyThumbprint:
  description: Certificate public key thumbprint.
  returned: If specifically requested.
  type: str
revocationDate:
  description: Certificate revocation date (UNIX timestamp in millis).
  returned: If present and specifically requested.
  type: int
revocationReason:
  description: Certificate revocation reason.
  returned: If specifically requested.
  type: str
selfSigned:
  description: True if the certificate is self-signed.
  returned: If specifically requested.
  type: bool
serial:
  description: Certificate serial number (hexadecimal format).
  returned: If specifically requested.
  type: str
signingAlgorithm:
  description: Certificate signing algorithm.
  returned: If specifically requested.
  type: str
subjectAlternateNames:
  contains:
    sanType:
      description: SAN type
      returned: Always
      type: str
    value:
      description: SAN value
      returned: Always
      type: str
  description: Certificate subject alternate names (SANs).
  elements: dict
  returned: If specifically requested.
  type: list
thirdPartyData:
  contains:
    connector:
      description: Third party connector name.
      returned: Always.
      type: string
    fingerprint:
      description: Third party object fingerprint.
      returned: If present.
      type: string
    id:
      description: Third party object ID.
      returned: Always.
      type: string
    pushDate:
      description: Certificate's push date in the third party (UNIX timestamp in millis).
      returned: If present.
      type: int
    removeDate:
      description: Certificate's remove date in the third party (UNIX timestamp in
        millis).
      returned: If present.
      type: int
  description: Certificate third-party data.
  elements: dict
  returned: If present and specifically requested.
  type: list
thumbprint:
  description: Certificate thumbprint.
  returned: If specifically requested.
  type: str
triggerResults:
  contains:
    detail:
      description: Execution details.
      returned: If present.
      type: str
    event:
      description: Trigger event type.
      returned: Always.
      type: str
    lastExecutionDate:
      description: Last trigger execution date (UNIX timestamp in millis).
      returned: Always.
      type: int
    name:
      description: Trigger name.
      returned: Always.
      type: str
    nextDelay:
      description: Duration until next try.
      returned: If present.
      type: str
    nextExecutionDate:
      description: Next trigger execution date (UNIX timestamp in millis).
      returned: If present.
      type: int
    retries:
      description: Trigger retries count.
      returned: If present.
      type: int
    status:
      description: Trigger status.
      returned: Always.
      type: str
  description: Certificate trigger results.
  elements: dict
  returned: If present and specifically requested.
  type: list