gcp_kms_crypto_key_info – Gather info for GCP CryptoKey¶
New in version 2.9.
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.6
- requests >= 2.18.4
- google-auth >= 1.3.0
Parameters¶
Notes¶
Note
- for authentication, you can set service_account_file using the c(gcp_service_account_file) env variable.
- for authentication, you can set service_account_contents using the c(GCP_SERVICE_ACCOUNT_CONTENTS) env variable.
- For authentication, you can set service_account_email using the
GCP_SERVICE_ACCOUNT_EMAIL
env variable. - For authentication, you can set auth_kind using the
GCP_AUTH_KIND
env variable. - For authentication, you can set scopes using the
GCP_SCOPES
env variable. - Environment variables values will only be used if the playbook values are not set.
- The service_account_email and service_account_file options are mutually exclusive.
Examples¶
- name: get info on a crypto key
gcp_kms_crypto_key_info:
key_ring: projects/{{ gcp_project }}/locations/us-central1/keyRings/key-key-ring
project: test_project
auth_kind: serviceaccount
service_account_file: "/tmp/auth.pem"
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | ||
---|---|---|---|---|
resources
complex
|
always |
List of resources
|
||
creationTime
string
|
success |
The time that this resource was created on the server.
This is in RFC3339 text format.
|
||
keyRing
string
|
success |
The KeyRing that this key belongs to.
Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
|
||
labels
dictionary
|
success |
Labels with user-defined metadata to apply to this resource.
|
||
name
string
|
success |
The resource name for the CryptoKey.
|
||
purpose
string
|
success |
Immutable purpose of CryptoKey. See https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose for inputs.
|
||
rotationPeriod
string
|
success |
Every time this period passes, generate a new CryptoKeyVersion and set it as the primary.
The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter `s` (seconds). It must be greater than a day (ie, 86400).
|
||
versionTemplate
complex
|
success |
A template describing settings for new crypto key versions.
|
||
algorithm
string
|
success |
The algorithm to use when creating a version based on this template.
See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs.
|
||
protectionLevel
string
|
success |
The protection level to use when creating a version based on this template.
|
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Google Inc. (@googlecloudplatform)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.