gcp_kms_crypto_key_info – Gather info for GCP CryptoKey¶
New in version 2.9.
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.6
- requests >= 2.18.4
- google-auth >= 1.3.0
Parameters¶
Notes¶
Note
- for authentication, you can set service_account_file using the c(gcp_service_account_file) env variable.
- for authentication, you can set service_account_contents using the c(GCP_SERVICE_ACCOUNT_CONTENTS) env variable.
- For authentication, you can set service_account_email using the GCP_SERVICE_ACCOUNT_EMAILenv variable.
- For authentication, you can set auth_kind using the GCP_AUTH_KINDenv variable.
- For authentication, you can set scopes using the GCP_SCOPESenv variable.
- Environment variables values will only be used if the playbook values are not set.
- The service_account_email and service_account_file options are mutually exclusive.
Examples¶
- name: get info on a crypto key
  gcp_kms_crypto_key_info:
    key_ring: projects/{{ gcp_project }}/locations/us-central1/keyRings/key-key-ring
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | ||
|---|---|---|---|---|
| resources 
                  complex
                                       | always | List of resources | ||
| creationTime 
                  string
                                       | success | The time that this resource was created on the server. This is in RFC3339 text format. | ||
| keyRing 
                  string
                                       | success | The KeyRing that this key belongs to. Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`. | ||
| labels 
                  dictionary
                                       | success | Labels with user-defined metadata to apply to this resource. | ||
| name 
                  string
                                       | success | The resource name for the CryptoKey. | ||
| purpose 
                  string
                                       | success | Immutable purpose of CryptoKey. See https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose for inputs. | ||
| rotationPeriod 
                  string
                                       | success | Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter `s` (seconds). It must be greater than a day (ie, 86400). | ||
| versionTemplate 
                  complex
                                       | success | A template describing settings for new crypto key versions. | ||
| algorithm 
                  string
                                       | success | The algorithm to use when creating a version based on this template. See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs. | ||
| protectionLevel 
                  string
                                       | success | The protection level to use when creating a version based on this template. | ||
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Google Inc. (@googlecloudplatform)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
