serverscom.sc_api.sc_ssh_key (0.1.0) — module

Manage ssh key

| "added in version" 1.0.0 of serverscom.sc_api"

Authors: George Shuklin (@amarao)

preview | supported by community

Install collection

Install with ansible-galaxy collection install serverscom.sc_api:==0.1.0


Add to requirements.yml

  collections:
    - name: serverscom.sc_api
      version: 0.1.0

Description

Add or remove ssh keys in the idempotent way.

Usage examples

  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
    - name: Add ssh key
      sc_ssh_key:
        name: key42
        public_key: '{{ lookup("file", "~/.ssh/id_rsa.pub") }}'
        state: present
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
    - name: Remove ssh keys either matching name or fingerprint
      sc_ssh_key:
        name: redundant
        fingerprint: 58:e5:58:e9:38:10:82:57:d9:82:11:8c:f6:44:68:e8
        state: absent
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
    - name: Add key but fails if there is a different key with the same name
      sc_ssh_key:
        name: ci_key
        public_key: '{{ ci_public_key }}'
        state: present
        replace: false

Inputs

    
name:
    description:
    - Name of the key.
    - Required for I(state)=C(present).
    - Used for I(state)=C(absent) to remove keys by name.
    required: false
    type: str

state:
    choices:
    - present
    - absent
    description:
    - State of the key.
    - If I(state)=C(present), module checks if there are other keys with the same name
      or fingerprint. If they are but are different (f.e. existing key with a given nave
      have different fingerprint) they are replaced with I(name) and I(public_key) values.
    - If I(state)=C(absent), module removes keys based both on name and fingerprint or
      fail if I(replace) is C(false).
    required: true
    type: str

token:
    description:
    - Token to use.
    - You can create token for you account in https://portal.servers.com in Profile ->
      Public API section.
    required: true
    type: str

replace:
    default: false
    description:
    - Used for I(state)=C(present).
    - If set to C(false), module fails if other keys with the same name or fingerprint
      are present.
    - If set to C(true), remove conflicting keys.
    type: bool

endpoint:
    default: https://api.servers.com/v1
    description:
    - Endpoint to use to connect to API.
    - Do not change until specifically asked to do otherwise.
    type: str

public_key:
    description:
    - public key in base64 (with type prefix, f.e. ssh-rss).
    - Used to calculate I(fingerprint).
    - Required for I(state)=C(present).
    required: false
    type: str

fingerprint:
    description:
    - Fingerprint of the key.
    - Used for I(state)=C(absent).
    - If both I(fingerprint) and I(public_keys) are given, module returns error if they
      are from different keys.
    - Derived automatically from I(public_key) if needed.
    required: false
    type: str