thalesgroup.ciphertrust.cm_regtoken (1.0.0) — module

Create or update registration token

Added in version 1.0.0 of thalesgroup.ciphertrust

Authors: Anurag Jain, Developer Advocate Thales Group

Install collection

Install with ansible-galaxy collection install thalesgroup.ciphertrust:==1.0.0


Add to requirements.yml

  collections:
    - name: thalesgroup.ciphertrust
      version: 1.0.0

Description

This module creates or updates a client registration token.

Usage examples

- name: "Create Registration Token"
  thalesgroup.ciphertrust.cm_regtoken:
    localNode:
        server_ip: "IP/FQDN of CipherTrust Manager"
        server_private_ip: "Private IP in case that is different from above"
        server_port: 5432
        user: "CipherTrust Manager Username"
        password: "CipherTrust Manager Password"
        verify: false
    op_type: create
    ca_id: 76c4da32-0953-4c6a-bf77-c5a70314244c
    cert_duration: 730
    label:
      ClientProfile: DefaultClientProfile
    lifetime: 30d
    max_clients: 100
    name_prefix: "ansible_client"

Inputs

    
id:
    description: registration token ID to be updated
    type: str

ca_id:
    description: ID of the trusted Certificate Authority that will be used to sign the
      client certificate during the registration process. By default, the local
      Certificate Authority will be used to issue certificates.
    type: str

label:
    description: Label is a key/value pair. For KMIP client registration the key is
      KmipClientProfile, and for PA client registration the key is ClientProfile.
      The value is the name of the ProtectApp/KMIP client profile to be mapped to
      the token for ProtectApp/KMIP client registration.
    type: dict

op_type:
    choices:
    - create
    - patch
    description: Operation to be performed
    required: true
    type: str

lifetime:
    description: Duration in minutes/hours/days for which this token can be used for registering
      CipherTrust Manager clients. No limit by default. For 'x' amount of time, it should
      be formatted as xm for x minutes, xh for hours and xd for days.
    type: str

localNode:
    description:
    - this holds the connection parameters required to communicate with an instance of
      CipherTrust Manager (CM)
    - holds IP/FQDN of the server, username, password, and port
    required: true
    suboptions:
      password:
        description: admin password of CM
        required: true
        type: str
      server_ip:
        description: CM Server IP or FQDN
        required: true
        type: str
      server_port:
        default: 5432
        description: Port on which CM server is listening
        required: true
        type: int
      server_private_ip:
        description: internal or private IP of the CM Server, if different from the server_ip
        required: true
        type: str
      user:
        description: admin username of CM
        required: true
        type: str
      verify:
        default: false
        description: if SSL verification is required
        required: true
        type: bool
    type: dict

max_clients:
    description: Maximum number of clients that can be registered using this registration
      token. No limit by default.
    type: int

name_prefix:
    description: Prefix for the client name. If name_prefix is specified, the name of a
      client registered using this registration token will be constructed as 'name_prefix{nth
      client registered using this registration token}'. If name_prefix is not specified,
      CipherTrust Manager server will generate a random name for the client.
    type: str

cert_duration:
    default: 730
    description: Duration in days for which the CipherTrust Manager client's certificate
      is valid. Default is 730.
    type: int
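
The inputs above state that lifetime and max_clients have no limit by default and that localNode.verify defaults to false. As an added example (not part of the collection or of the original page), the Python check below audits the arguments of a cm_regtoken task for those settings and for the documented xm/xh/xd lifetime format; the function names, finding labels and the 30-day / 100-client caps are assumptions chosen for illustration.

```python
import re

# Lifetime format documented above: xm, xh or xd (minutes, hours, days).
LIFETIME_RE = re.compile(r"^([1-9]\d*)([mhd])$")
MINUTES = {"m": 1, "h": 60, "d": 1440}


def lifetime_minutes(value):
    """Return the lifetime in minutes, or None if it is not in xm/xh/xd form."""
    m = LIFETIME_RE.match(str(value))
    return int(m.group(1)) * MINUTES[m.group(2)] if m else None


def audit_regtoken_task(args, max_days=30, max_clients_cap=100):
    """Return findings for one cm_regtoken task; the caps are assumed policy values."""
    findings = []
    node = args.get("localNode", {})
    if not node.get("verify", False):  # the module's default is false
        findings.append("verify-off")
    if "{{" not in str(node.get("password", "")):  # literal or missing, not templated
        findings.append("literal-password")
    creating = args.get("op_type") == "create"
    if "lifetime" in args:
        minutes = lifetime_minutes(args["lifetime"])
        if minutes is None:
            findings.append("lifetime-format")
        elif minutes > max_days * 1440:
            findings.append("lifetime-too-long")
    elif creating:  # "No limit by default"
        findings.append("lifetime-unlimited")
    if "max_clients" in args:
        if args["max_clients"] > max_clients_cap:
            findings.append("max-clients-too-high")
    elif creating:  # "No limit by default"
        findings.append("max-clients-unlimited")
    return findings


# Constructed sample: a create task with lifetime and max_clients left out.
SAMPLE = {
    "localNode": {"server_ip": "cm.example.test", "server_port": 5432,
                  "user": "{{ cm_user }}", "password": "S3cret!", "verify": False},
    "op_type": "create",
    "name_prefix": "ansible_client",
}

if __name__ == "__main__":
    print(audit_regtoken_task(SAMPLE))
```

The password test is a heuristic: it only checks that the value is a Jinja2 template reference, such as a variable loaded from an Ansible Vault file, rather than a literal string.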