hyperledger / hyperledger.fabric_ansible_collection / 2.0.7 / module / enrolled_identity Manage an enrolled Hyperledger Fabric identity Authors: Simon Stone (@sstone1) preview | supported by communityhyperledger.fabric_ansible_collection.enrolled_identity (2.0.7) — module
Install with ansible-galaxy collection install hyperledger.fabric_ansible_collection:==2.0.7
collections: - name: hyperledger.fabric_ansible_collection version: 2.0.7
Enroll, re-enroll, or delete an enrolled Hyperledger Fabric identity.
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
- name: Enroll an identity hyperledger.fabric_ansible_collection.enrolled_identity: state: present api_endpoint: https://console.example.org:32000 api_authtype: basic api_key: xxxxxxxx api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx certificate_authority: Org1 CA name: Org1 Admin enrollment_id: org1admin enrollment_secret: org1adminpw path: Org1 Admin.json
- name: Remove an enrolled identity hyperledger.fabric_ansible_collection.enrolled_identity: state: absent api_endpoint: https://console.example.org:32000 api_authtype: basic api_key: xxxxxxxx api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx path: Org1 Admin.json
hsm: description: - 'The PKCS #11 compliant HSM configuration to use for generating and storing the private key.' suboptions: label: description: - The HSM label that should be used for generating and storing the private key. type: str pin: description: - The HSM pin that should be used for generating and storing the private key. type: str pkcs11library: description: - 'The PKCS #11 library that should be used for generating and storing the private key.' type: str type: dict tls: default: false description: - True if the identity should be enrolled against the TLS certificate authority, false otherwise. - Cannot be specified at the same time as a PKCS type: bool name: description: - The name of the enrolled identity. - Only required when I(state) is C(present). type: str path: description: - The path to the JSON file where the enrolled identity will be stored. required: true hosts: description: - The list of host names to add to the certificate as X.509 Subject Alternative Names. - Can only be specified when enrolling the identity against the TLS certificate authority. elements: str type: list state: choices: - absent - present default: present description: - C(absent) - A certificate authority matching the specified name will be stopped and removed. - C(present) - Asserts that a certificate authority matching the specified name and configuration exists. If no certificate authority matches the specified name, a certificate authority will be created. If a certificate authority matches the specified name but the configuration does not match, then the certificate authority will be updated, if it can be. If it cannot be updated, it will be removed and re-created with the specified configuration. type: str api_key: description: - The API key for the Fabric operations console. required: true type: str api_secret: description: - The API secret for the Fabric operations console. - Only required when I(api_authtype) is C(basic). type: str api_timeout: default: 60 description: - The timeout, in seconds, to use when interacting with the Fabric operations console. type: int api_authtype: description: - C(basic) - Authenticate to the Fabric operations console using basic authentication. You must provide both a valid API key using I(api_key) and API secret using I(api_secret). required: true type: str api_endpoint: description: - The URL for the Fabric operations console. required: true type: str enrollment_id: description: - The enrollment ID, or user name, of an identity registered on the certificate authority for this peer. - Only required when I(state) is C(present). type: str force_reenroll: default: false description: - True if the identity should be re-enrolled, false otherwise. - If specified, then the identity will be re-enrolled every time that your playbook is run. type: bool enrollment_secret: description: - The enrollment secret, or password, of an identity registered on the certificate authority for this peer. - Only required when I(state) is C(present). type: str certificate_authority: description: - The certificate authority to use to enroll this identity. - You can pass a string, which is the display name of a certificate authority registered with the Fabric operations console. - You can also pass a dictionary, which must match the result format of one of the M(certificate_authority_info) or M(certificate_authority) modules. - Only required when I(state) is C(present). type: raw reenroll_before_expiry: default: -1 description: - Use this option to automatically re-enroll the identity before the certificate expires. - Specified as the maximum time in seconds before the expiration of the certificate. - For example, to automatically re-enroll the identity when there are less than 30 days remaining before the certificate expires, set this option to C(2592000). type: int
enrolled_identity: contains: ca: description: - The base64 encoded CA certificate chain of the enrolled identity. sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t... type: str cert: description: - The base64 encoded certificate of the enrolled identity. sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t... type: str name: description: - The name of the enrolled identity. sample: Org1 Admin type: str private_key: description: - The base64 encoded private key of the enrolled identity. sample: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0t... type: str description: - The enrolled identity. returned: when I(state) is C(present) type: dict