netapp.storagegrid.na_sg_grid_client_certificate module – Manage Client Certificates on StorageGRID

Note

This module is part of the netapp.storagegrid collection (version 21.13.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netapp.storagegrid.

To use it in a playbook, specify: netapp.storagegrid.na_sg_grid_client_certificate.

New in netapp.storagegrid 21.11.0

Synopsis

• Create, Update, Delete Client Certificates on NetApp StorageGRID.

Parameters

Parameter	Comments
allow_prometheus boolean	Whether the external monitoring tool can access Prometheus metrics. Choices: false true
api_url string / required	The url to the StorageGRID Admin Node REST API.
auth_token string / required	The authorization token for the API request
certificate_id string	ID of the client certificate.
display_name string	A display name for the client certificate configuration. This parameter can be modified if certificate_id is also specified.
public_key string	X.509 client certificate in PEM-encoding.
state string	Whether the specified certificate should exist. Choices: "present" ← (default) "absent"
validate_certs boolean	Should https certificates be validated? Choices: false true ← (default)

Notes

Note

• The modules prefixed with na_sg are built to manage NetApp StorageGRID.

Examples

- name: create client certificate
  netapp.storagegrid.na_sg_grid_client_certificate:
    api_url: "https://<storagegrid-endpoint-url>"
    auth_token: "storagegrid-auth-token"
    validate_certs: false
    state: present
    display_name: client-cert1
    public_key: |
      -----BEGIN CERTIFICATE-----
      MIIC6DCCAdACCQC7l4WukhKD0zANBgkqhkiG9w0BAQsFADA2..swCQYDVQQGEwJB
      BAMMHnNnYW4wMS5kZXYubWljcm9icmV3Lm5ldGFwcC5hdTCC..IwDQYJKoZIhvcN
      AQEBBQADggEPADCCAQoCggEBAMvjm9I35lmKcC7ITVL8+QiZ..lvdkbfZCUQrfdy
      71inP+XmPjs0rnkhICA9ItODteRcVlO+t7nDTfm7HgG0mJFk..m0ffyEYrcx24qu
      S7gXYQjRsJmrep1awoaCa20BMGuqK2WKI3IvZ7YiT22qkBqK..+hIFffX6u3Jy+B
      77pR6YcATtpMHW/AaOx+OX9l80dIRsRZKMDxYQ==
      -----END CERTIFICATE-----
    allow_prometheus: true

- name: rename client certificate
  netapp.storagegrid.na_sg_grid_client_certificate:
    api_url: "https://<storagegrid-endpoint-url>"
    auth_token: "storagegrid-auth-token"
    validate_certs: false
    state: present
    certificate_id: 00000000-0000-0000-0000-000000000000
    display_name: client-cert1-rename
    public_key: |
      -----BEGIN CERTIFICATE-----
      MIIC6DCCAdACCQC7l4WukhKD0zANBgkqhkiG9w0BAQsFADA2..swCQYDVQQGEwJB
      BAMMHnNnYW4wMS5kZXYubWljcm9icmV3Lm5ldGFwcC5hdTCC..IwDQYJKoZIhvcN
      AQEBBQADggEPADCCAQoCggEBAMvjm9I35lmKcC7ITVL8+QiZ..lvdkbfZCUQrfdy
      71inP+XmPjs0rnkhICA9ItODteRcVlO+t7nDTfm7HgG0mJFk..m0ffyEYrcx24qu
      S7gXYQjRsJmrep1awoaCa20BMGuqK2WKI3IvZ7YiT22qkBqK..+hIFffX6u3Jy+B
      77pR6YcATtpMHW/AaOx+OX9l80dIRsRZKMDxYQ==
      -----END CERTIFICATE-----
    allow_prometheus: true

- name: delete client certificate
  netapp.storagegrid.na_sg_grid_client_certificate:
    api_url: "https://<storagegrid-endpoint-url>"
    auth_token: "storagegrid-auth-token"
    validate_certs: false
    state: absent
    display_name: client-cert1-rename

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
resp dictionary	Returns information about the StorageGRID server certificates. Returned: success Sample: {"allowPrometheus": true, "displayName": "client-cert1", "expiryDate": "2024-01-01T00:00:00.000Z", "id": "abcABC_01234-0123456789abcABCabc0123456789==", "publicKey": "-----BEGIN CERTIFICATE-----MIIC6DCCAdACCQC7l4WukhKD0zANBgkqhkiG9w0BAQsFADA2MQswCQYDVQQGE...-----END CERTIFICATE-----"}

Authors

• NetApp Ansible Team (@joshedmonds)

Collection links

• Homepage
• Repository (Sources)