community.general.utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM
community.general.utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM
Note
This plugin is part of the community.general collection (version 2.0.1).
To install it use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.utm_ca_host_key_cert
.
Synopsis
- Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
ca string / required |
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object. | |
certificate string / required |
The certificate in PEM format. | |
comment string |
Optional comment string. | |
encrypted boolean |
|
Optionally enable encryption. |
headers dictionary |
A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules | |
key string |
Optional private key in PEM format. | |
meta string / required |
A reference to an existing utm_ca_meta_x509 object. | |
name string / required |
The name of the object. Will be used to identify the entry. | |
state string |
|
The desired state of the object.
|
utm_host string / required |
The REST Endpoint of the Sophos UTM. | |
utm_port integer |
Default: 4444 |
The port of the REST interface. |
utm_protocol string |
|
The protocol of the REST Endpoint. |
utm_token string / required |
The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. | |
validate_certs boolean |
|
Whether the REST interface's ssl certificate should be verified or not. |
Examples
- name: Create a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
ca: REF_ca/signing_ca_OBJECT_STRING
meta: REF_ca/meta_x509_OBJECT_STRING
certificate: |
--- BEGIN CERTIFICATE ---
. . .
. . .
. . .
--- END CERTIFICATE ---
state: present
- name: Remove a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: absent
- name: Read a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | |
---|---|---|---|
result complex |
success |
The utm object that was created
| |
_locked boolean |
success |
Whether or not the object is currently locked
| |
_ref string |
success |
The reference name of the object
| |
_type string |
success |
The type of the object
| |
ca string |
success |
A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
| |
certificate string |
success |
The certificate in PEM format
| |
comment string |
success |
Comment string (may be empty string)
| |
encrypted boolean |
success |
If encryption is enabled
| |
key string |
success |
Private key in PEM format (may be empty string)
| |
meta string |
success |
A reference to an existing utm_ca_meta_x509 object.
| |
name string |
success |
The name of the object
|
Authors
- Stephan Schwarz (@stearz)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/general/utm_ca_host_key_cert_module.html