community.general.dsv – Get secrets from Thycotic DevOps Secrets Vault

From Get docs
Ansible/docs/2.11/collections/community/general/dsv lookup


community.general.dsv – Get secrets from Thycotic DevOps Secrets Vault

Note

This plugin is part of the community.general collection (version 2.0.1).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.dsv.


New in version 1.0.0: of community.general


Synopsis

  • Uses the Thycotic DevOps Secrets Vault Python SDK to get Secrets from a DSV tenant using a client_id and client_secret.

Requirements

The below requirements are needed on the local controller node that executes this lookup.

Parameters

Parameter Choices/Defaults Configuration Comments

_terms

string / required

The path to the secret, e.g. /staging/servers/web1.

client_id

string / required

ini entries: [dsv_lookup]client_id = None


env:DSV_CLIENT_ID

The client_id with which to request the Access Grant.

client_secret

string / required

ini entries: [dsv_lookup]client_secret = None


env:DSV_CLIENT_SECRET

The client secret associated with the specific client_id.

tenant

string / required

ini entries: [dsv_lookup]tenant = None


env:DSV_TENANT

The first format parameter in the default url_template.

tld

string

Default:

"com"

ini entries: [dsv_lookup]tld = com


env:DSV_TLD

The top-level domain of the tenant; the second format parameter in the default url_template.

url_template

string

Default:

ini entries: [dsv_lookup]url_template = https://{}.secretsvaultcloud.{}/v1


env:DSV_URL_TEMPLATE

The path to prepend to the base URL to form a valid REST API request.



Examples

- hosts: localhost
  vars:
      secret: "{{ lookup('community.general.dsv', '/test/secret') }}"
  tasks:
      - ansible.builtin.debug:
          msg: 'the password is {{ secret["data"]["password"] }}'

Return Values

Common return values are documented here, the following are the fields unique to this lookup:

Key Returned Description

_list

list / elements=dictionary

success

One or more JSON responses to GET /secrets/{path}.





Authors

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/general/dsv_lookup.html


Retrieved from "https://getdocs.org/index.php?title=Ansible/docs/2.11/collections/community/general/dsv_lookup&oldid=61734"
Powered by MediaWiki