Horizon template plugin
Note
This module is part of the evertrust.horizon collection (version 1.5.1).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install evertrust.horizon.
To use it in a playbook, specify: evertrust.horizon.horizon_template.
Synopsis
Performs a get template request against the Horizon API.
Note
This module has a corresponding action plugin.
Parameters
Parameter |
Comments |
|---|---|
Path of a CA bundle used to validate the Horizon instance SSL certificate. |
|
Path of a client certificate. Required if you use certificate based authentication |
|
Path of a client certificate’s key. Required if you use certificate based authentication |
|
Your Horizon instance base endpoint. It must include the protocol (https://) and no trailing slash nor path. |
|
Name of the profile. |
|
Workflow of the template Choices:
|
|
Horizon identifier Required if you use credentials authentication |
|
Horizon password Required if you use credentials authentication |
Examples
- name: Get webra enroll template
evertrust.horizon.horizon_template:
endpoint: "https://<horizon-endpoint>"
x_api_id: "<horizon-id>"
x_api_key: "<horizon-password>"
profile: "exampleProfile"
workflow: "enroll"
- name: Get webra renew template
evertrust.horizon.horizon_template:
endpoint: "https://<horizon-endpoint>"
x_api_id: "<horizon-id>"
x_api_key: "<horizon-password>"
profile: "exampleProfile"
workflow: "renew"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Describes how certificates will be enrolled on this profile. Returned: If present |
|
List of authorized key types for enrollment. Returned: If present |
|
Whether this profile supports centralized enrollment. Returned: Always |
|
Whether this profile supports decentralized enrollment. Returned: Always |
|
Default key type used for centralized enrollment. Returned: If present |
|
Whether this profile will escrow the certificate private keys. Returned: Always |
|
Whether the user will be required to input their PKCS#12 password upon enrollment. Returned: If present |
|
Password policy for the P12 file. Returned: If present |
|
Encryption type for the P12 file. Returned: If present |
|
If both centralized and decentralized enrollment are supported, this is the preferred mode. Returned: If present |
|
Whether the PKCS#12 file will be displayed to the user upon enrollment. Returned: If present |
|
Whether the PKCS#12 file will be displayed to the user upon recovery. Returned: If present |
|
Whether the PKCS#12 password will be displayed to the user upon enrollment. Returned: If present |
|
Whether the PKCS#12 password will be displayed to the user upon recovery. Returned: If present |
|
Information about the certificate’s contact email and how to edit it. Returned: If present |
|
Computation rule input will be evaluated and will override all other inputs. Returned: If present |
|
The description of the contact email. Returned: If present |
|
The ISO 3166-1 (2-letters) code of the language used for the value. Returned: Always |
|
The localized value. Returned: Always |
|
Whether the contact email is editable by the requester. Returned: If present |
|
Whether the contact email is mandatory to submit this request. Returned: If present |
|
The regex used to validate the contact email. Returned: If present |
|
The contact email. Returned: If present |
|
The list of allowed contact emails. Returned: If present |
|
Information about the certificate’s extensions and how to edit them. Returned: If present |
|
Computation rule input will be evaluated and will override all other inputs. Returned: If present |
|
Whether the extension element is editable by the requester. Returned: If present |
|
Whether the extension element is mandatory to submit this request. Returned: If present |
|
The regular expression to validate the extension element. Returned: If present |
|
The type of the extension element. Returned: Always |
|
The value of the extension element. Returned: If present |
|
List of labels used internally to tag and group certificates. Returned: If present |
|
The computation rule of the label element. Returned: If present |
|
The description of the label element. Returned: If present |
|
The ISO 3166-1 (2-letters) code of the language used for the value. Returned: Always |
|
The localized value. Returned: Always |
|
The display name of the label element. Returned: If present |
|
The ISO 3166-1 (2-letters) code of the language used for the value. Returned: Always |
|
The localized value. Returned: Always |
|
Whether the label is editable. Returned: If present |
|
The enum used to validate the label element. Returned: If present |
|
The name of the label. Returned: Always |
|
Whether the label element is mandatory to submit this request. Returned: If present |
|
The regex used to validate the label element. Returned: If present |
|
The suggestions used to recommend the label element values. Returned: If present |
|
The value of the label element. Returned: If present |
|
Information about the certificate’s metadata and how to edit them. Returned: If present |
|
Whether the metadata element is editable by the requester. Returned: If present |
|
Technical metadata related to the certificate. Returned: Always |
|
The value of the metadata element. Returned: If present |
|
Information about the certificate’s owner and how to edit it. Returned: If present |
|
Computation rule input will be evaluated and will override all other inputs. Returned: If present |
|
The description of the owner element. Returned: If present |
|
The ISO 3166-1 (2-letters) code of the language used for the value. Returned: Always |
|
The localized value. Returned: Always |
|
Whether the owner element is editable by the requester. Returned: If present |
|
Whether the owner element is mandatory to submit this request. Returned: If present |
|
The value of the owner element. This should be a principal identifier. Returned: If present |
|
The password mode of the certificate Returned: If present (recover only) |
|
The password policy that will be used to generate the certificate’s PKCS#12 password. Returned: If present |
|
The internal ID of the password policy. Returned: Always |
|
The maximum number of characters of the password. Returned: If present |
|
The minimum number of characters of the password. Returned: Always |
|
The minimum number of digits of the password. Returned: If present |
|
The minimum number of lowercase characters of the password. Returned: If present |
|
The minimum number of special characters of the password. Returned: If present |
|
The minimum number of uppercase characters of the password. Returned: If present |
|
The name of the password policy. Returned: Always |
|
The special characters of the password accepted by the password policy. Returned: If present |
|
The reason for revoking the certificate Returned: If present (revocation only) |
|
List of SAN elements that will be used to build the certificate’s Subject Alternative Name. Returned: If present |
|
Computation rule input will be evaluated and will override all other inputs. Returned: If present |
|
Whether the field is editable or not for the currently authenticated user. Returned: If present |
|
The maximum number of SAN elements that must be provided. Returned: If present |
|
The minimum number of SAN elements that must be provided. Returned: If present |
|
A regular expression that will be used to validate the element’s value. Returned: If present |
|
SAN type. Returned: Always |
|
SAN value. Returned: If present |
|
List of DN elements that will be used to build the certificate’s Distinguished Name. Returned: If present |
|
Computation rule input will be evaluated and will override all other inputs. Returned: If present |
|
Whether the field is editable or not for the currently authenticated user. Returned: If present |
|
The element type and index. Returned: Always |
|
Whether the field is mandatory or not. Returned: If present |
|
A regular expression that will be used to validate the element’s value. Returned: If present |
|
The formatted element type. Returned: If present |
|
The element value. Returned: If present |
|
Information about the certificate’s team and how to edit it. Returned: If present |
|
Computation rule input will be evaluated and will override all other inputs. Returned: If present |
|
The description of the team element. Returned: If present |
|
The ISO 3166-1 (2-letters) code of the language used for the value. Returned: Always |
|
The localized value. Returned: Always |
|
Whether the team element is editable by the requester. Returned: If present |
|
Whether the team element is mandatory to submit this request. Returned: If present |
|
The value of the team element. This should be a team identifier. Returned: If present |