Metadata-Version: 2.1
Name: ansible-role-thales-hsm
Version: 10.0.0.0rc1
Summary: ansible-role-thales-hsm - Ansible role to configure nShileld Connect HSM clients.
Home-page: https://opendev.org/openstack/ansible-role-thales-hsm
Author: TripleO Team
Author-email: alee@redhat.com
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Information Technology
Classifier: Topic :: Utilities
License-File: LICENSE
License-File: AUTHORS
Requires-Dist: pbr>=1.6
Requires-Dist: ansible>=2.8.0

thales-hsm
==========

This is a role to manage the client software for Entrust nShield Connect
Hardware Security Modules (HSMs).

This repo uses the "Thales" name for historical reasons:

At the time when this repository was created nShield HSMs were owned by Thales.
Since then, the nShield line of HSMs have gone through some ownership changes,
including nCipher for some time, and currently Entrust.

If you are looking for the ansible role to manage client software for
Thales Luna Network HSMs you can find it here:

https://opendev.org/openstack/ansible-role-lunasa-hsm

Role Variables
--------------

.. list-table::
   :widths: auto
   :header-rows: 1

   * - Name
     - Default Value
     - Description
   * - thales_install_client
     - false
     - Whether the role should install the client software on the target host.
   * - thales_configure_rfs
     - false
     - Whether the role should execute the RFS configuration tasks.
   * - thales_client_working_dir
     - /tmp/security_world_install
     - Working directory in the target host.
   * - thales_client_gid
     - 42481
     - Group ID for the nfast group.
   * - thales_client_uid
     - 42481
     - User ID for the nfast user.
   * - security_world_iso_zip_url
     - None
     - URL location of the Security World ISO ZIP file.
   * - thales_client_tarball_location
     - None
     - DEPRECATED: Use security_world_iso_zip_url instead.
   * - thales_rfs_ip_address
     - None
     - IPv4 address for the RFS host.
   * - thales_client_ips
     - None
     - Whitespace separated list of IP addresses to be added to RFS config.
   * - thales_bootstrap_client_ip
     - None
     - Bootstrap client IP address.  This IP will be allowed to update RFS
       server.
   * - nshield_hsms
     - None
     - List of one or more HSM devices


Requirements
------------

 - ansible >= 2.4
 - Security World Software v13.4.4 ISO ZIP file - The ISO file in ZIP format as
   provided by Entrust.  This should be hosted in an HTTPS server that can be
   accessed from the target host.

