From bf514b571782802ef6dee6e193f206bbc0529c4e Mon Sep 17 00:00:00 2001 From: The Magician Date: Fri, 23 Aug 2019 10:27:37 -0700 Subject: [PATCH] New Module: gcp_kms_crypto_key_info (#61097) --- .../cloud/google/gcp_kms_crypto_key_info.py | 176 ++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 lib/ansible/modules/cloud/google/gcp_kms_crypto_key_info.py diff --git a/lib/ansible/modules/cloud/google/gcp_kms_crypto_key_info.py b/lib/ansible/modules/cloud/google/gcp_kms_crypto_key_info.py new file mode 100644 index 00000000000..1777c41bea7 --- /dev/null +++ b/lib/ansible/modules/cloud/google/gcp_kms_crypto_key_info.py @@ -0,0 +1,176 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Google +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file at +# https://www.github.com/GoogleCloudPlatform/magic-modules +# +# ---------------------------------------------------------------------------- + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +################################################################################ +# Documentation +################################################################################ + +ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ["preview"], 'supported_by': 'community'} + +DOCUMENTATION = ''' +--- +module: gcp_kms_crypto_key_info +description: +- Gather info for GCP CryptoKey +short_description: Gather info for GCP CryptoKey +version_added: 2.9 +author: Google Inc. (@googlecloudplatform) +requirements: +- python >= 2.6 +- requests >= 2.18.4 +- google-auth >= 1.3.0 +options: + key_ring: + description: + - The KeyRing that this key belongs to. + - 'Format: `''projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}''`.' + required: true + type: str +extends_documentation_fragment: gcp +''' + +EXAMPLES = ''' +- name: get info on a crypto key + gcp_kms_crypto_key_info: + key_ring: projects/{{ gcp_project }}/locations/us-central1/keyRings/key-key-ring + project: test_project + auth_kind: serviceaccount + service_account_file: "/tmp/auth.pem" +''' + +RETURN = ''' +resources: + description: List of resources + returned: always + type: complex + contains: + name: + description: + - The resource name for the CryptoKey. + returned: success + type: str + creationTime: + description: + - The time that this resource was created on the server. + - This is in RFC3339 text format. + returned: success + type: str + labels: + description: + - Labels with user-defined metadata to apply to this resource. + returned: success + type: dict + purpose: + description: + - Immutable purpose of CryptoKey. See U(https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose) + for inputs. + returned: success + type: str + rotationPeriod: + description: + - Every time this period passes, generate a new CryptoKeyVersion and set it + as the primary. + - The first rotation will take place after the specified period. The rotation + period has the format of a decimal number with up to 9 fractional digits, + followed by the letter `s` (seconds). It must be greater than a day (ie, 86400). + returned: success + type: str + versionTemplate: + description: + - A template describing settings for new crypto key versions. + returned: success + type: complex + contains: + algorithm: + description: + - The algorithm to use when creating a version based on this template. + - See the [algorithm reference](U(https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm)) + for possible inputs. + returned: success + type: str + protectionLevel: + description: + - The protection level to use when creating a version based on this template. + returned: success + type: str + keyRing: + description: + - The KeyRing that this key belongs to. + - 'Format: `''projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}''`.' + returned: success + type: str +''' + +################################################################################ +# Imports +################################################################################ +from ansible.module_utils.gcp_utils import navigate_hash, GcpSession, GcpModule, GcpRequest +import json + +################################################################################ +# Main +################################################################################ + + +def main(): + module = GcpModule(argument_spec=dict(key_ring=dict(required=True, type='str'))) + + if not module.params['scopes']: + module.params['scopes'] = ['https://www.googleapis.com/auth/cloudkms'] + + return_value = {'resources': fetch_list(module, collection(module))} + module.exit_json(**return_value) + + +def collection(module): + return "https://cloudkms.googleapis.com/v1/{key_ring}/cryptoKeys".format(**module.params) + + +def fetch_list(module, link): + auth = GcpSession(module, 'kms') + return auth.list(link, return_if_object, array_name='cryptoKeys') + + +def return_if_object(module, response): + # If not found, return nothing. + if response.status_code == 404: + return None + + # If no content, return nothing. + if response.status_code == 204: + return None + + try: + module.raise_for_status(response) + result = response.json() + except getattr(json.decoder, 'JSONDecodeError', ValueError) as inst: + module.fail_json(msg="Invalid JSON response with error: %s" % inst) + + if navigate_hash(result, ['error', 'errors']): + module.fail_json(msg=navigate_hash(result, ['error', 'errors'])) + + return result + + +if __name__ == "__main__": + main()