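---
# Registers a fixed set of Kong plugins globally through the Admin API and
# then reports, per plugin, whether the request was accepted.
#
# NOTE(review): every plugin below is created without a service/route/consumer
# scope, i.e. it applies to all traffic through the gateway. Two consequences
# to confirm before running this against a real gateway:
#   * "request-termination" with status 403, applied globally, would be
#     expected to reject every proxied request.
#   * Several authentication plugins (jwt, ldap-auth-advanced, mtls-auth,
#     openid-connect) enabled together are normally ALL required for a request
#     unless an anonymous consumer is configured -- confirm this is intended.
- name: Install Specified Kong Plugins Globally
  hosts: localhost
  tasks:
    - name: Define Kong Plugins with Configurations
      set_fact:
        kong_plugins:
          - name: "correlation-id"
            config:
              header_name: "Kong-Request-ID"
              generator: "uuid"
              echo_downstream: true
          - name: "http-log"
            config:
              # NOTE(review): plain HTTP -- request logs (which can include
              # headers and tokens) travel unencrypted to the log service.
              # Prefer an https:// endpoint outside of a lab.
              http_endpoint: "http://your-logging-service.local/logs"
              method: "POST"
              timeout: 10000
              keepalive: 60000
          - name: "jwt"
            config: {}
          - name: "ldap-auth-advanced"
            config:
              ldap_host: "ldap.yourdomain.com"
              # NOTE(review): port 389 with start_tls disabled means user
              # credentials are sent to the directory in cleartext, and
              # verify_ldap_host presumably has nothing to verify without
              # TLS. Enable StartTLS or LDAPS for anything but a lab.
              ldap_port: 389
              start_tls: false
              verify_ldap_host: true
              base_dn: "dc=yourdomain,dc=com"
              attribute: "uid"
              cache_ttl: 60
              timeout: 10000
              keepalive: 60000
          - name: "mtls-auth"
            config:
              # Placeholder. NOTE(review): the plugin is understood to expect
              # IDs of CA certificate objects already stored in Kong, not PEM
              # text -- confirm against the plugin schema.
              ca_certificates: ["<CA_CERTIFICATE>"]
              depth: 1
              cache_ttl: 60
          - name: "openid-connect"
            config:
              issuer: "https://your-oidc-provider.com"
              client_id: "your-client-id"
              # Placeholder only. Supply the real secret from Ansible Vault
              # (or another secret store) instead of committing it here.
              client_secret: "your-client-secret"
              redirect_uri: "https://your-kong-instance.com/redirect"
              scopes: ["openid", "profile", "email"]
          - name: "request-termination"
            config:
              status_code: 403
              message: "Forbidden"
              content_type: "text/plain"
      # The fact contains a client secret; keep it out of verbose task output.
      no_log: true

    # NOTE(review): the Admin API is addressed over unauthenticated plain
    # HTTP on localhost:8001. That is only acceptable while the listener is
    # bound to loopback; anything reachable off-host needs TLS and auth.
    #
    # A 409 means a plugin of that name already exists; its existing
    # configuration is left as-is, so drift from the values above is not
    # corrected by this task.
    - name: Ensure Specified Plugins Are Installed Globally
      uri:
        url: "http://localhost:8001/plugins"
        method: POST
        body_format: json
        body:
          name: "{{ plugin.name }}"
          config: "{{ plugin.config | default({}) }}"
        status_code: [201, 409]  # 201 = Created, 409 = Conflict (Already Exists)
      loop: "{{ kong_plugins }}"
      loop_control:
        loop_var: plugin
        # Show only the plugin name per iteration instead of the whole item,
        # which would print the plugin config (including client_secret).
        # A failed iteration can still dump the request body; consider
        # no_log once real secrets are in place.
        label: "{{ plugin.name }}"
      register: plugin_response
      # Errors are tolerated here only so the summary below is always
      # printed; the final assert turns any failure into a failed play.
      ignore_errors: true

    # Print one line per plugin (name + HTTP status) rather than the raw
    # results, which carry both the submitted config and the Admin API
    # response body and would expose secrets in the job log.
    - name: Debug Plugin Deployment Responses
      debug:
        msg: "{{ item.plugin.name }}: HTTP {{ item.status | default('no response') }}"
      loop: "{{ plugin_response.results }}"
      loop_control:
        label: "{{ item.plugin.name }}"

    # Without this, a rejected authentication plugin would leave the play
    # green while the gateway runs without the control it was meant to have.
    - name: Fail If Any Plugin Was Not Installed
      assert:
        that:
          - >-
            plugin_response.results
            | selectattr('failed', 'defined')
            | selectattr('failed')
            | list | length == 0
        fail_msg: "One or more Kong plugins were not installed; see the per-plugin status above."
        quiet: true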