hpe.nimble.hpe_nimble_encryption – Manage the HPE Nimble Storage encryption

Note

This plugin is part of the hpe.nimble collection (version 1.1.4).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install hpe.nimble.

To use it in a playbook, specify: hpe.nimble.hpe_nimble_encryption.

New in version 1.0.0: of hpe.nimble

Synopsis

  • Manage the encryption on an Nimble Storage group.

Requirements

The below requirements are needed on the host that executes this module.

  • Ansible 2.9 or later

  • Python 3.6 or later

  • HPE Nimble Storage SDK for Python

  • HPE Nimble Storage arrays running NimbleOS 5.0 or later

Parameters

Parameter Choices/Defaults Comments
active
boolean
    Choices:
  • no
  • yes
Whether the master key is active or not.
age
integer
Minimum age (in hours) of inactive encryption keys to be purged. '0' indicates to purge the keys immediately.
encryption_config
dictionary
How encryption is configured for this group. Group encryption settings.
group_encrypt
boolean
    Choices:
  • no
  • yes
Flag for setting group encryption.
host
string / required
HPE Nimble Storage IP address.
name
string / required
Name of the master key. The only allowed value is "default".
new_passphrase
string
When changing the passphrase, this attribute specifies the new value of the passphrase. String with size from 8 to 64 printable characters.
passphrase
string
Passphrase used to protect the master key, required during creation, enabling/disabling the key and change the passphrase to a new value. String with size from 8 to 64 printable characters.
password
string / required
HPE Nimble Storage password.
purge_inactive
boolean
    Choices:
  • no
  • yes
Purges encryption keys that have been inactive for the age or longer. If you do not specify an age, the keys will be purged immediately.
state
string / required
    Choices:
  • create
  • present
  • absent
The encryption operation.
username
string / required
HPE Nimble Storage user name.

Notes

Note

  • This module does not support check_mode.

Examples

# if state is create, then create master key, fails if it exist or cannot create
# if state is present, then create master key if not present ,else success
- name: Create master key
  hpe.nimble.hpe_nimble_encryption:
    host: "{{ host }}"
    username: "{{ username }}"
    password: "{{ password }}"
    name: "default"
    passphrase: "{{ passphrase }}"
    active: "{{ active | default('false') }}"
    state: "{{ state | default('present') }}"

- name: Delete master key
  hpe.nimble.hpe_nimble_encryption:
    host: "{{ host }}"
    username: "{{ username }}"
    password: "{{ password }}"
    name: "default"
    state: "absent"

- name: Purge inactive master key
  hpe.nimble.hpe_nimble_encryption:
    host: "{{ host }}"
    username: "{{ username }}"
    password: "{{ password }}"
    name: "default"
    age: "{{ age | mandatory }}"
    state: "present"
    purge_inactive: true

- name: Group encryption
  hpe.nimble.hpe_nimble_encryption:
    host: "{{ host }}"
    username: "{{ username }}"
    password: "{{ password }}"
    name: "{{ name }}"
    encryption_config: "{{ encryption_config | mandatory }}"
    state: "present"
    group_encrypt: true

Authors