community.general.consul_acl_bootstrap module – Bootstrap ACLs in Consul

Note

This module is part of the community.general collection (version 8.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.consul_acl_bootstrap.

New in community.general 8.3.0

Synopsis

Parameters

Parameter

Comments

bootstrap_secret

string

The secret to be used as secret ID for the initial token.

Needs to be an UUID.

ca_path

string

The CA bundle to use for https connections

host

string

Host of the consul agent, defaults to localhost.

Default: "localhost"

port

integer

The port on which the consul agent is running.

Default: 8500

scheme

string

The protocol scheme on which the consul agent is running. Defaults to http and can be set to https for secure connections.

Default: "http"

state

string

Whether the token should be present or absent.

Choices:

  • "present" ← (default)

  • "bootstrapped"

validate_certs

boolean

Whether to verify the TLS certificate of the consul agent.

Choices:

  • false

  • true ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: none

Can run in check_mode and return changed status prediction without modifying target.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode.

Examples

- name: Bootstrap the ACL system
  community.general.consul_acl_bootstrap:
    bootstrap_secret: 22eaeed1-bdbd-4651-724e-42ae6c43e387

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

result

dictionary

The bootstrap result as returned by the consul HTTP API.

Note: If bootstrap_secret has been specified the SecretID and ID will not contain the secret but VALUE_SPECIFIED_IN_NO_LOG_PARAMETER. If you pass bootstrap_secret, make sure your playbook/role does not depend on this return value!

Returned: changed

Sample: {"AccessorID": "834a5881-10a9-a45b-f63c-490e28743557", "CreateIndex": 25, "CreateTime": "2024-01-21T20:26:27.114612038+01:00", "Description": "Bootstrap Token (Global Management)", "Hash": "X2AgaFhnQGRhSSF/h0m6qpX1wj/HJWbyXcxkEM/5GrY=", "ID": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "Local": false, "ModifyIndex": 25, "Policies": [{"ID": "00000000-0000-0000-0000-000000000001", "Name": "global-management"}], "SecretID": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"}

Authors

  • Florian Apolloner (@apollo13)