google.cloud.gcp_kms_crypto_key_info – Gather info for GCP CryptoKey¶
Note
This plugin is part of the google.cloud collection (version 1.0.2).
To install it use: ansible-galaxy collection install google.cloud.
To use it in a playbook, specify: google.cloud.gcp_kms_crypto_key_info.
Requirements¶
The below requirements are needed on the host that executes this module.
python >= 2.6
requests >= 2.18.4
google-auth >= 1.3.0
Parameters¶
Notes¶
Note
for authentication, you can set service_account_file using the
gcp_service_account_fileenv variable.for authentication, you can set service_account_contents using the
GCP_SERVICE_ACCOUNT_CONTENTSenv variable.For authentication, you can set service_account_email using the
GCP_SERVICE_ACCOUNT_EMAILenv variable.For authentication, you can set auth_kind using the
GCP_AUTH_KINDenv variable.For authentication, you can set scopes using the
GCP_SCOPESenv variable.Environment variables values will only be used if the playbook values are not set.
The service_account_email and service_account_file options are mutually exclusive.
Examples¶
- name: get info on a crypto key
gcp_kms_crypto_key_info:
key_ring: projects/{{ gcp_project }}/locations/us-central1/keyRings/key-key-ring
project: test_project
auth_kind: serviceaccount
service_account_file: "/tmp/auth.pem"
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | ||
|---|---|---|---|---|
|
resources
complex
|
always |
List of resources
|
||
|
createTime
string
|
success |
The time that this resource was created on the server.
This is in RFC3339 text format.
|
||
|
keyRing
string
|
success |
The KeyRing that this key belongs to.
Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
|
||
|
labels
dictionary
|
success |
Labels with user-defined metadata to apply to this resource.
|
||
|
name
string
|
success |
The resource name for the CryptoKey.
|
||
|
nextRotationTime
string
|
success |
The time when KMS will create a new version of this Crypto Key.
|
||
|
purpose
string
|
success |
Immutable purpose of CryptoKey. See https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose for inputs.
|
||
|
rotationPeriod
string
|
success |
Every time this period passes, generate a new CryptoKeyVersion and set it as the primary.
The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter `s` (seconds). It must be greater than a day (ie, 86400).
|
||
|
skipInitialVersionCreation
boolean
|
success |
If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must use the `google_kms_key_ring_import_job` resource to import the CryptoKeyVersion.
|
||
|
versionTemplate
complex
|
success |
A template describing settings for new crypto key versions.
|
||
|
algorithm
string
|
success |
The algorithm to use when creating a version based on this template.
See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs.
|
||
|
protectionLevel
string
|
success |
The protection level to use when creating a version based on this template.
|
||
Authors¶
Google Inc. (@googlecloudplatform)