ACI Private_Key String to Allow for Vaulting (#54251)

* Allows the use of Private_Keys to be entered as a string instead of just a file. Making it possible to use VAULT to encrypt the key * Fixed Issues auto check found * Provide helpful information while avoiding credential exposure * Restore original variable name :-) * Fix a few other things * Influence the default certificate_name in both cases * Update documentation * Add contributed docs * Fix CI issue
2025-04-28 21:31:26 -07:00 · 2019-03-27 11:19:50 -05:00 · 2019-03-27 11:19:50 -05:00 · 62d3ed0e2f
commit 62d3ed0e2f
parent f9876f3450
4 changed files with 112 additions and 23 deletions
--- a/lib/ansible/plugins/doc_fragments/aci.py
+++ b/lib/ansible/plugins/doc_fragments/aci.py
@ -34,16 +34,17 @@ options:
    required: yes
  private_key:
    description:
-    - PEM formatted file that contains your private key to be used for signature-based authentication.
-    - The name of the key (without extension) is used as the certificate name in ACI, unless C(certificate_name) is specified.
+    - Either a PEM-formatted private key file or the private key content used for signature-based authentication.
+    - This value also influences the default C(certificate_name) that is used.
    - This option is mutual exclusive with C(password). If C(password) is provided too, it will be ignored.
-    type: path
+    type: str
    required: yes
    aliases: [ cert_key ]
  certificate_name:
    description:
    - The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.
-    - It defaults to the C(private_key) basename, without extension.
+    - If a C(private_key) filename was provided, this defaults to the C(private_key) basename, without extension.
+    - If PEM-formatted content was provided for C(private_key), this defaults to the C(username) value.
    type: str
    aliases: [ cert_name ]
  output_level: