def hashivault_initialize(params): client = hashivault_client(params) if client.sys.is_initialized(): return {'changed': False} result = {'changed': True} secret_shares = params.get('secret_shares') secret_threshold = params.get('secret_threshold') pgp_keys = params.get('pgp_keys') root_token_pgp_key = params.get('root_token_pgp_key') stored_shares = params.get('stored_shares') recovery_shares = params.get('recovery_shares') recovery_threshold = params.get('recovery_threshold') recovery_pgp_keys = params.get('recovery_pgp_keys') result.update( client.sys.initialize( secret_shares=secret_shares, secret_threshold=secret_threshold, pgp_keys=pgp_keys, root_token_pgp_key=root_token_pgp_key, stored_shares=stored_shares, recovery_shares=recovery_shares, recovery_threshold=recovery_threshold, recovery_pgp_keys=recovery_pgp_keys, )) return result
def hashivault_rekey_cancel(params): client = hashivault_client(params) # Check if rekey is on-going & return when rekey not in progress status = client.rekey_status if not status['started']: return {'changed': False} return {'status': client.sys.cancel_rekey().ok, 'changed': True}
def hashivault_generate_root_cancel(params): client = hashivault_client(params) # Check if generate_root is on-going & return when generate_root not in progress status = client.generate_root_status if not status['started']: return {'changed': False} return {'status': client.cancel_generate_root(), 'changed': True}
def hashivault_rekey_cancel(params): client = hashivault_client(params) # Check if rekey is on-going & return when rekey not in progress status = client.rekey_status if not status['started']: return {'changed': False} return {'status': client.sys.cancel_rekey().ok, 'changed': True}
def hashivault_generate_root_init(params): client = hashivault_client(params) # Check if rekey is on-going status = client.generate_root_status if status['started']: return {'changed': False} pgp = params.get('pgp_key') return {'status': client.start_generate_root(pgp, otp=False), 'changed': True}
def hashivault_generate_root_init(params): client = hashivault_client(params) # Check if rekey is on-going status = client.generate_root_status if status['started']: return {'changed': False} pgp = params.get('pgp_key') return {'status': client.start_generate_root(pgp, otp=False), 'changed': True}
def hashivault_unseal(params): keys = params.get('keys') client = hashivault_client(params) if client.sys.is_sealed(): return { 'status': client.sys.submit_unseal_keys(keys.split()), 'changed': True } else: return {'changed': False}
def hashivault_rekey_init(params): client = hashivault_client(params) # Check if rekey is on-going, exit if there is a rekey in progress status = client.rekey_status if status['started']: return {'changed': False} secret_shares = params.get('secret_shares') secret_threshold = params.get('secret_threshold') pgp_keys = params.get('pgp_keys') backup = params.get('backup') return {'status': client.sys.start_rekey(secret_shares, secret_threshold, pgp_keys, backup), 'changed': True}
def hashivault_cluster_status(params): client = hashivault_client(params) response = client.sys.read_health_status(standby_ok=params.get("standby_ok"), method=params.get("method")) from requests.models import Response if isinstance(response, Response): try: status = response.json() except Exception: status = response.content else: status = response return {'status': status}
def hashivault_cluster_status(params): client = hashivault_client(params) response = client.sys.read_health_status( standby_ok=params.get("standby_ok"), method=params.get("method")) from requests.models import Response if isinstance(response, Response): try: status = response.json() except Exception: status = response.content else: status = response return {'status': status}
def hashivault_generate_root_status(params): client = hashivault_client(params) return {'status': client.generate_root_status}
def hashivault_generate_root_status(params): client = hashivault_client(params) return {'status': client.generate_root_status}
def hashivault_generate_root(params): key = params.get('key') nonce = params.get('nonce') client = hashivault_client(params) return {'status': client.generate_root(key, nonce), 'changed': True}
def hashivault_rekey(params): key = params.get('key') nonce = params.get('nonce') client = hashivault_client(params) return {'status': client.sys.rekey(key, nonce), 'changed': True}
def hashivault_status(params): client = hashivault_client(params) return {'status': client.sys.read_seal_status()}
def hashivault_status(params): client = hashivault_client(params) return {'status': client.sys.read_seal_status()}
def hashivault_generate_root(params): key = params.get('key') nonce = params.get('nonce') client = hashivault_client(params) return {'status': client.generate_root(key, nonce), 'changed': True}
def hashivault_rekey_status(params): client = hashivault_client(params) return {'status': client.rekey_status}
def hashivault_leader(params): client = hashivault_client(params) return {'status': client.sys.read_leader_status()}