cisco.intersight.intersight_certificate_management_policy module – Certificate Management Policy configuration for Cisco Intersight
Note
This module is part of the cisco.intersight collection (version 2.12.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install cisco.intersight.
To use it in a playbook, specify: cisco.intersight.intersight_certificate_management_policy.
Synopsis
Manages Certificate Management Policy configuration on Cisco Intersight.
A policy to configure certificate management for Cisco Intersight managed servers.
This policy allows configuration of Root CA certificates and IMC certificates with private keys.
For more information see Cisco Intersight.
Parameters
Parameter |
Comments |
|---|---|
Public API Key ID associated with the private key. If not set, the value of the INTERSIGHT_API_KEY_ID environment variable is used. |
|
Filename (absolute path) or string of PEM formatted private key data to be used for Intersight API authentication. If a string is used, Ansible vault should be used to encrypt string data. Ex. ansible-vault encrypt_string --vault-id tme@/Users/dsoper/Documents/vault_password_file ‘-----BEGIN EC PRIVATE KEY----- <your private key data> -----END EC PRIVATE KEY-----’ If not set, the value of the INTERSIGHT_API_PRIVATE_KEY environment variable is used. |
|
URI used to access the Intersight API. If not set, the value of the INTERSIGHT_API_URI environment variable is used. Default: |
|
List of certificates to manage in the policy. Can include Root CA certificates and IMC certificates. Only one IMC certificate can be configured per policy. |
|
The PEM-encoded certificate data. Must be base64 encoded. Required for all certificate types. |
|
A name that helps identify a certificate. Can be any string that adheres to the following constraints. It should start and end with an alphanumeric character. It can have underscores and hyphens. It cannot be more than 30 characters. Required for Root CA certificates. |
|
Type of certificate to configure.
Choices:
|
|
Whether the certificate is enabled. Choices:
|
|
The PEM-encoded private key for the certificate. Must be base64 encoded. Required only for IMC certificate type. |
|
The user-defined description for the Certificate Management Policy. Description can contain letters(a-z, A-Z), numbers(0-9), hyphen(-), period(.), colon(:), or an underscore(_). |
|
The name assigned to the Certificate Management Policy. The name must be between 1 and 62 alphanumeric characters, allowing special characters :-_. |
|
The name of the Organization this resource is assigned to. Profiles and Policies that are created within a Custom Organization are applicable only to devices in the same Organization. Default: |
|
If If Choices:
|
|
List of tags in Key:<user-defined key> Value:<user-defined value> format. |
|
If Choices:
|
|
Boolean control for verifying the api_uri TLS certificate Choices:
|
Examples
- name: Create Certificate Management Policy with Root CA certificate
cisco.intersight.intersight_certificate_management_policy:
api_private_key: "{{ api_private_key }}"
api_key_id: "{{ api_key_id }}"
organization: "default"
name: "CertMgmt-Policy-01"
description: "Certificate management policy with Root CA"
certificates:
- certificate_type: rootca
certificate_name: "RootCA-01"
certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t..."
enabled: true
state: present
- name: Create Certificate Management Policy with IMC certificate
cisco.intersight.intersight_certificate_management_policy:
api_private_key: "{{ api_private_key }}"
api_key_id: "{{ api_key_id }}"
name: "CertMgmt-Policy-02"
description: "Certificate management policy with IMC certificate"
certificates:
- certificate_type: imc
certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t..."
private_key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ..."
enabled: true
state: present
- name: Create Certificate Management Policy with both types
cisco.intersight.intersight_certificate_management_policy:
api_private_key: "{{ api_private_key }}"
api_key_id: "{{ api_key_id }}"
name: "CertMgmt-Policy-03"
description: "Certificate management policy with both certificate types"
certificates:
- certificate_type: rootca
certificate_name: "RootCA-01"
certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t..."
enabled: true
- certificate_type: imc
certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t..."
private_key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ..."
enabled: true
state: present
- name: Update policy - remove all certificates
cisco.intersight.intersight_certificate_management_policy:
api_private_key: "{{ api_private_key }}"
api_key_id: "{{ api_key_id }}"
name: "CertMgmt-Policy-01"
certificates: []
state: present
- name: Delete Certificate Management Policy
cisco.intersight.intersight_certificate_management_policy:
api_private_key: "{{ api_private_key }}"
api_key_id: "{{ api_key_id }}"
name: "CertMgmt-Policy-01"
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The API response output returned by the specified resource. Returned: always Sample: |