kpfleming.powerdns_auth.tsigkey module – Manages a TSIG key in a PowerDNS Authoritative server

Note

This module is part of the kpfleming.powerdns_auth collection (version 24.3.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install kpfleming.powerdns_auth. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: kpfleming.powerdns_auth.tsigkey.

Synopsis 

This module allows a task to manage the presence and content of a TSIG key in a PowerDNS Authoritative server.

Requirements 

The below requirements are needed on the host that executes this module.

bravado

Parameters 

Parameter	Comments
algorithm string	The message digest algorithm, as specified by RFC 2845 and its updates, which will be used to validate requests including this key. Required when `state` is `present`. Choices: `"hmac-md5"` ← (default) `"hmac-sha1"` `"hmac-sha224"` `"hmac-sha256"` `"hmac-sha384"` `"hmac-sha512"`
api_key string / required	Key (token) used to authenticate to the API endpoint in the server.
api_spec_path string	Path of the OpenAPI (Swagger) API spec document in `api_url`. Default: `"/api/docs"`
api_url string	URL of the API endpoint in the server. Default: `"http://localhost:8081"`
key string	The base-64 encoded key value.
name string / required	Name of the key to be managed.
server_id string	ID of the server instance which holds the key. Default: `"localhost"`
state string	If `present` the key will be created if necessary; if it already exists, its configuration will be updated to match the provided attributes. If `absent` the key will be removed it if exists. If `exists` the key’s existence will be checked, but it will not be modified. Choices: `"present"` ← (default) `"absent"` `"exists"`

Examples 

%YAML 1.2
---
- name: check that key exists
  pdns_auth_tsigkey:
    name: key1
    state: exists
    api_key: 'foobar'

- name: create key with default algorithm
  pdns_auth_tsigkey:
    name: key2
    state: present
    api_key: 'foobar'

- name: remove key
  pdns_auth_tsigkey:
    name: key2
    state: absent
    api_key: 'foobar'

- name: create key with algorithm and content
  pdns_auth_tsigkey:
    name: key3
    state: present
    api_key: 'foobar'
    algorithm: hmac-sha256
    key: '+8fQxgYhf5PVGPKclKnk8ReujIfWXOw/aEzzPPhDi6AGagpg/r954FPZdzgFfUjnmjMSA1Yu7vo6DQHVoGnRkw=='

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
key complex	Information about the key Returned: always
algorithm string	The message digest algorithm, as specified by RFC 2845 and its updates, which will be used to validate requests including this key. Returned: always
exists boolean	Indicate whether the key exists Returned: always
key string	The base-64 encoded key value. Returned: always
name string	Name Returned: always

Authors

Kevin P. Fleming (@kpfleming)

kpfleming.powerdns_auth.tsigkey module – Manages a TSIG key in a PowerDNS Authoritative server

Synopsis

Requirements

Parameters

Examples

Return Values