hyperledger_labs / hyperledger_labs.fabric_ansible_collection / 2.0.0 / module / registered_identity Manage a registered Hyperledger Fabric identity Authors: Simon Stone (@sstone1) preview | supported by communityhyperledger_labs.fabric_ansible_collection.registered_identity (2.0.0) — module
Install with ansible-galaxy collection install hyperledger_labs.fabric_ansible_collection:==2.0.0
collections: - name: hyperledger_labs.fabric_ansible_collection version: 2.0.0
Register, update, or revoke an Hyperledger Fabric identity.
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
- name: Register a new identity hyperledger.fabric_ansible_collection.registered_identity: state: present api_endpoint: https://console.example.org:32000 api_authtype: basic api_key: xxxxxxxx api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx certificate_authority: Org1 CA registrar: Org1 CA Admin.json enrollment_id: org1app enrollment_secret: org1apppw max_enrollments: 10 type: client attributes: - name: "fabcar.admin" value: "true"
- name: Delete an existing identity hyperledger.fabric_ansible_collection.registered_identity: state: absent api_endpoint: https://console.example.org:32000 api_authtype: basic api_key: xxxxxxxx api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx certificate_authority: Org1 CA registrar: Org1 CA Admin.json enrollment_id: org1app
hsm: description: - 'The PKCS #11 compliant HSM configuration to use for digital signatures.' - Only required if the identity specified in I(registrar) was enrolled using an HSM. suboptions: label: description: - The HSM label that should be used for digital signatures. type: str pin: description: - The HSM pin that should be used for digital signatures. type: str pkcs11library: description: - 'The PKCS #11 library that should be used for digital signatures.' type: str type: dict type: choices: - admin - client - peer - orderer default: client description: - The type of this identity. type: str state: choices: - absent - present default: present description: - C(absent) - If an identity is registered matching the specified enrollment ID, the identity will be removed. Note that this operation is unsupported by default and must be enabled by the certificate authority. - C(present) - Asserts that an identity matching the specified enrollment ID and configuration is registered. If no identity matches the specified enrollment ID, the identity will be created. If an identity matches the specified enrollment ID but the configuration does not match, then the identity will be updated, if it can be. If it cannot be updated, it will be removed and re-created with the specified configuration. type: str api_key: description: - The API key for the Fabric operations console. required: true type: str registrar: description: - The identity to use when interacting with the certificate authority. - You can pass a string, which is the path to the JSON file where the enrolled identity is stored. - You can also pass a dict, which must match the result format of one of the M(enrolled_identity_info) or M(enrolled_identity) modules. required: true type: raw api_secret: description: - The API secret for the Fabric operations console. - Only required when I(api_authtype) is C(basic). type: str attributes: description: - The attributes for this identity. elements: dict suboptions: ecert: description: - Whether or not the attribute and its value will be in the enrollment certificate. type: bool name: description: - The name of the attribute. type: str value: description: - The value of the attribute. type: str type: list affiliation: description: - The affiliation of this identity. type: str api_timeout: default: 60 description: - The timeout, in seconds, to use when interacting with the Fabric operations console. type: int api_authtype: description: - C(basic) - Authenticate to the Fabric operations console using basic authentication. You must provide both a valid API key using I(api_key) and API secret using I(api_secret). required: true type: str api_endpoint: description: - The URL for the Fabric operations console. required: true type: str enrollment_id: description: - The enrollment ID, or user name, of the identity to register on the certificate authority. required: true type: str max_enrollments: default: -1 description: - The maximum number of times that this identity can be enrolled. type: int enrollment_secret: description: - The enrollment secret, or password, of an identity to register on the certificate authority. - Only required when I(state) is C(present). type: str certificate_authority: description: - The certificate authority to use to register this identity. - You can pass a string, which is the display name of a certificate authority registered with the Fabric operations console. - You can also pass a dictionary, which must match the result format of one of the M(certificate_authority_info) or M(certificate_authority) modules. required: true type: raw
registered_identity: contains: affiliation: description: - The affiliation of this identity. sample: org1.department type: str attributes: contains: ecert: description: - Whether or not the attribute and its value will be in the enrollment certificate. sample: true type: bool name: description: - The name of the attribute. sample: fabcar.admin type: str value: description: - The value of the attribute. sample: true type: str description: - The attributes for this identity. elements: dict type: list enrollment_id: description: - The enrollment ID, or user name, of the identity. sample: org1admin type: str enrollment_secret: description: - The enrollment secret, or password, of an identity. sample: org1adminpw type: str max_enrollments: description: - The maximum number of times that this identity can be enrolled. sample: -1 type: int type: description: - The type of this identity. sample: admin type: str description: - The registered identity. returned: when I(state) is C(present) type: dict