community.general.consul_acl_bootstrap module – Bootstrap ACLs in Consul

Note

This module is part of the community.general collection (version 9.4.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.consul_acl_bootstrap.

New in community.general 8.3.0

Synopsis

Parameters

Parameter

Comments

bootstrap_secret

string

The secret to be used as secret ID for the initial token.

Needs to be an UUID.

ca_path

string

The CA bundle to use for https connections

host

string

Host of the consul agent, defaults to localhost.

Default: "localhost"

port

integer

The port on which the consul agent is running.

Default: 8500

scheme

string

The protocol scheme on which the consul agent is running. Defaults to http and can be set to https for secure connections.

Default: "http"

state

string

Whether the token should be present or absent.

Choices:

  • "present" ← (default)

  • "bootstrapped"

validate_certs

boolean

Whether to verify the TLS certificate of the consul agent.

Choices:

  • false

  • true ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: none

Can run in check_mode and return changed status prediction without modifying target.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode.

Examples

- name: Bootstrap the ACL system
  community.general.consul_acl_bootstrap:
    bootstrap_secret: 22eaeed1-bdbd-4651-724e-42ae6c43e387

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

result

dictionary

The bootstrap result as returned by the consul HTTP API.

Note: If bootstrap_secret has been specified the SecretID and ID will not contain the secret but VALUE_SPECIFIED_IN_NO_LOG_PARAMETER. If you pass bootstrap_secret, make sure your playbook/role does not depend on this return value!

Returned: changed

Sample: {"AccessorID": "834a5881-10a9-a45b-f63c-490e28743557", "CreateIndex": 25, "CreateTime": "2024-01-21T20:26:27.114612038+01:00", "Description": "Bootstrap Token (Global Management)", "Hash": "X2AgaFhnQGRhSSF/h0m6qpX1wj/HJWbyXcxkEM/5GrY=", "ID": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "Local": false, "ModifyIndex": 25, "Policies": [{"ID": "00000000-0000-0000-0000-000000000001", "Name": "global-management"}], "SecretID": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"}

Authors

  • Florian Apolloner (@apollo13)