community.general.utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM

From Get docs
Ansible/docs/2.11/collections/community/general/utm ca host key cert module


community.general.utm_ca_host_key_cert – create, update or destroy ca host_key_cert entry in Sophos UTM

Note

This plugin is part of the community.general collection (version 2.0.1).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.utm_ca_host_key_cert.


Synopsis

  • Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
  • This module needs to have the REST Ability of the UTM to be activated.

Parameters

Parameter Choices/Defaults Comments

ca

string / required

A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.

certificate

string / required

The certificate in PEM format.

comment

string

Optional comment string.

encrypted

boolean

  • no

  • yes

Optionally enable encryption.

headers

dictionary

A dictionary of additional headers to be sent to POST and PUT requests.

Is needed for some modules

key

string

Optional private key in PEM format.

meta

string / required

A reference to an existing utm_ca_meta_x509 object.

name

string / required

The name of the object. Will be used to identify the entry.

state

string

  • absent
  • present

The desired state of the object.

present will create or update an object

absent will delete an object if it was present

utm_host

string / required

The REST Endpoint of the Sophos UTM.

utm_port

integer

Default:

4444

The port of the REST interface.

utm_protocol

string

  • http
  • https

The protocol of the REST Endpoint.

utm_token

string / required

validate_certs

boolean

  • no
  • yes

Whether the REST interface's ssl certificate should be verified or not.



Examples

- name: Create a ca_host_key_cert entry
  community.general.utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    ca: REF_ca/signing_ca_OBJECT_STRING
    meta: REF_ca/meta_x509_OBJECT_STRING
    certificate: |
      --- BEGIN CERTIFICATE ---
      . . .
       . . .
      . . .
      --- END CERTIFICATE ---
    state: present

- name: Remove a ca_host_key_cert entry
  community.general.utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    state: absent

- name: Read a ca_host_key_cert entry
  community.general.utm_ca_host_key_cert:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestHostKeyCertEntry
    state: info

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

result

complex

success

The utm object that was created


_locked

boolean

success

Whether or not the object is currently locked


_ref

string

success

The reference name of the object


_type

string

success

The type of the object


ca

string

success

A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.


certificate

string

success

The certificate in PEM format


comment

string

success

Comment string (may be empty string)


encrypted

boolean

success

If encryption is enabled


key

string

success

Private key in PEM format (may be empty string)


meta

string

success

A reference to an existing utm_ca_meta_x509 object.


name

string

success

The name of the object





Authors

  • Stephan Schwarz (@stearz)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/general/utm_ca_host_key_cert_module.html