gcp_kms_crypto_key – Creates a GCP CryptoKey¶
New in version 2.9.
Requirements¶
The below requirements are needed on the host that executes this module.
python >= 2.6
requests >= 2.18.4
google-auth >= 1.3.0
Parameters¶
Notes¶
Note
API Reference: https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys
Creating a key: https://cloud.google.com/kms/docs/creating-keys#create_a_key
for authentication, you can set service_account_file using the c(gcp_service_account_file) env variable.
for authentication, you can set service_account_contents using the c(GCP_SERVICE_ACCOUNT_CONTENTS) env variable.
For authentication, you can set service_account_email using the
GCP_SERVICE_ACCOUNT_EMAIL
env variable.For authentication, you can set auth_kind using the
GCP_AUTH_KIND
env variable.For authentication, you can set scopes using the
GCP_SCOPES
env variable.Environment variables values will only be used if the playbook values are not set.
The service_account_email and service_account_file options are mutually exclusive.
Examples¶
- name: create a key ring
gcp_kms_key_ring:
name: key-key-ring
location: us-central1
project: "{{ gcp_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
state: present
register: keyring
- name: create a crypto key
gcp_kms_crypto_key:
name: test_object
key_ring: projects/{{ gcp_project }}/locations/us-central1/keyRings/key-key-ring
project: test_project
auth_kind: serviceaccount
service_account_file: "/tmp/auth.pem"
state: present
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]
Authors¶
Google Inc. (@googlecloudplatform)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.