2023-07-30 10:43:36 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
"""Implement documentation fragment for Hashivault module."""
|
|
|
|
|
2023-12-13 10:23:28 +00:00
|
|
|
from __future__ import absolute_import, division, print_function
|
2023-07-30 10:43:36 +00:00
|
|
|
|
|
|
|
__metaclass__ = type
|
|
|
|
|
|
|
|
|
|
|
|
class ModuleDocFragment: # noqa
|
|
|
|
# Standard documentation
|
|
|
|
DOCUMENTATION = r"""
|
|
|
|
requirements:
|
|
|
|
- hvac>=0.10.1
|
|
|
|
- ansible>=2.0.0
|
|
|
|
- requests
|
|
|
|
options:
|
|
|
|
url:
|
|
|
|
description:
|
|
|
|
- URL of the Vault server.
|
|
|
|
- You can use C(VAULT_ADDR) environment variable.
|
|
|
|
default: ""
|
|
|
|
type: str
|
|
|
|
ca_cert:
|
|
|
|
description:
|
|
|
|
- Path to a PEM-encoded CA cert file to use to verify the Vault server
|
|
|
|
TLS certificate.
|
|
|
|
- You can use C(VAULT_CACERT) environment variable.
|
|
|
|
default: ""
|
|
|
|
type: str
|
|
|
|
ca_path:
|
|
|
|
description:
|
|
|
|
- Path to a directory of PEM-encoded CA cert files to verify the Vault server
|
|
|
|
TLS certificate. If ca_cert is specified, its value will take precedence.
|
|
|
|
- You can use C(VAULT_CAPATH) environment variable.
|
|
|
|
default: ""
|
|
|
|
type: str
|
|
|
|
client_cert:
|
|
|
|
description:
|
|
|
|
- Path to a PEM-encoded client certificate for TLS authentication to the Vault
|
|
|
|
server.
|
|
|
|
- You can use C(VAULT_CLIENT_CERT) environment variable.
|
|
|
|
default: ""
|
|
|
|
type: str
|
|
|
|
client_key:
|
|
|
|
description:
|
|
|
|
- Path to an unencrypted PEM-encoded private key matching the client certificate.
|
|
|
|
- You can use C(VAULT_CLIENT_KEY) environment variable.
|
|
|
|
default: ""
|
|
|
|
type: str
|
|
|
|
verify:
|
|
|
|
description:
|
|
|
|
- If set, do not verify presented TLS certificate before communicating with Vault
|
|
|
|
server. Setting this variable is not recommended except during testing.
|
|
|
|
- You can use C(VAULT_SKIP_VERIFY) environment variable.
|
|
|
|
default: false
|
|
|
|
type: bool
|
|
|
|
authtype:
|
|
|
|
description:
|
|
|
|
- Authentication type.
|
|
|
|
- You can use C(VAULT_AUTHTYPE) environment variable.
|
|
|
|
default: "token"
|
|
|
|
type: str
|
|
|
|
choices: ["token", "userpass", "github", "ldap", "approle"]
|
|
|
|
login_mount_point:
|
|
|
|
description:
|
|
|
|
- Authentication mount point.
|
|
|
|
- You can use C(VAULT_LOGIN_MOUNT_POINT) environment variable.
|
|
|
|
type: str
|
|
|
|
token:
|
|
|
|
description:
|
|
|
|
- Token for vault.
|
|
|
|
- You can use C(VAULT_TOKEN) environment variable.
|
|
|
|
type: str
|
|
|
|
username:
|
|
|
|
description:
|
|
|
|
- Username to login to vault.
|
|
|
|
- You can use C(VAULT_USER) environment variable.
|
|
|
|
default: ""
|
|
|
|
type: str
|
|
|
|
password:
|
|
|
|
description:
|
|
|
|
- Password to login to vault.
|
|
|
|
- You can use C(VAULT_PASSWORD) environment variable.
|
|
|
|
type: str
|
|
|
|
role_id:
|
|
|
|
description:
|
|
|
|
- Role id for vault.
|
|
|
|
- You can use C(VAULT_ROLE_ID) environment variable.
|
|
|
|
type: str
|
|
|
|
secret_id:
|
|
|
|
description:
|
|
|
|
- Secret id for vault.
|
|
|
|
- You can use C(VAULT_SECRET_ID) environment variable.
|
|
|
|
type: str
|
|
|
|
aws_header:
|
|
|
|
description:
|
|
|
|
- X-Vault-AWS-IAM-Server-ID Header value to prevent replay attacks.
|
|
|
|
- You can use C(VAULT_AWS_HEADER) environment variable.
|
|
|
|
type: str
|
|
|
|
namespace:
|
|
|
|
description:
|
|
|
|
- Namespace for vault.
|
|
|
|
- You can use C(VAULT_NAMESPACE) environment variable.
|
|
|
|
type: str
|
|
|
|
"""
|