cloudera.cloud.env_auth_info module – Gather information about CDP environment authentication details

Note

This module is part of the cloudera.cloud collection (version 3.1.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cloudera.cloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cloudera.cloud.env_auth_info.

New in cloudera.cloud 1.0.0

Synopsis

  • Gather information about CDP environment authentication details, notably the FreeIPA root certificate and user keytabs.

  • The module supports check_mode.

Requirements

The below requirements are needed on the host that executes this module.

  • cdpy

Parameters

Parameter

Comments

cdp_region

aliases: cdp_endpoint_region, endpoint_region

string

Specify the Cloudera Data Platform endpoint region.

Default: "default"

debug

aliases: debug_endpoints

boolean

Capture the CDP SDK debug log.

Choices:

  • false ← (default)

  • true

keytab

aliases: keytabs, user_keytabs

boolean

A flag to retrieve the keytabs for the given environment or environments, governed by the value of user.

If no environments are declared, all environments will be queried.

Choices:

  • false

  • true ← (default)

name

aliases: environment

list / elements=string

A target list of environments or a single environment string.

If no environments are specified, all environments are targeted.

profile

string

If provided, the CDP SDK will use this value as its profile.

root_certificate

aliases: root_ca, cert

boolean

A flag indicating whether to retrieve the given environment’s FreeIPA root certificate.

Choices:

  • false

  • true ← (default)

user

aliases: users

list / elements=string

A list of user IDs or a single user ID for retrieving the keytabs from the specified environment(s).

If no user ID is declared, the current CDP user will be used.

verify_endpoint_tls

aliases: endpoint_tls

boolean

Verify the TLS certificates for the CDP endpoint.

Choices:

  • false

  • true ← (default)

Examples

# Note: These examples do not set authentication details.

# Retrieve only the root certificate for a single environment
- cloudera.cloud.env_auth_info:
    name: the-environment
    root_certificate: true
    keytab: false

# Retrieve the root certificate for multiple environments
- cloudera.cloud.env_auth_info:
    name:
      - one-environment
      - two-environment
    root_certificate: true
    keytab: false

# Retrieve the keytab details for the current CDP user for selected environments
- cloudera.cloud.env_auth_info:
    name:
      - one-environment
      - two-environment
    keytab: true
    root_certificate: false

# Retrieve the keytab details for the specified users for selected environments
- cloudera.cloud.env_auth_info:
    name:
      - one-environment
      - two-environment
    user:
      - UserA
      - UserB
    keytab: true
    root_certificate: false

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

authentication

dictionary

Returns a dictionary of the environment authentication details.

Returned: always

certificates

dictionary

A dictionary of environment-to-FreeIPA root certificate

Returned: when supported

_environment name_

string

The FreeIPA root certificate for the environment

Returned: always

keytabs

dictionary

A dictionary of the keytabs for each specified environment by user.

Returned: when supported

_workload username_

dictionary

The user’s workload username.

Returned: always

_environment name_

string

The keytab for the environment. The keytab is encoded in base64.

Returned: always

sdk_out

string

Returns the captured CDP SDK log.

Returned: when supported

sdk_out_lines

list / elements=string

Returns a list of each line of the captured CDP SDK log.

Returned: when supported

Authors

  • Webster Mudge (@wmudge)

  • Dan Chaffelson (@chaffelson)