Try SpotterAuthors: unknown
Install with ansible-galaxy collection install aiyor.gcp:==1.0.1
collections:
- name: aiyor.gcp
version: 1.0.1This lookup returns the secrets stored in GCP Secret Manager provided the caller has the appropriate permissions to read the secret.
- ansible.builtin.debug: # Using service account json authentication file
msg: |
the secret value is {{
lookup(
'gcp_secret',
project='my-gcp-project-id',
secret='mysecret',
version='3',
auth_kind='serviceaccount',
service_account_file='/tmp/myserviceaccountfile.json')
}}
scopes:
default: https://www.googleapis.com/auth/cloud-platform
description:
- Array of scopes to be used
elements: str
type: list
secret:
description:
- The name of the secret.
required: true
project:
default: environment variable 'GCP_PROJECT'
description:
- GCP project number.
version:
default: latest
description:
- The version of the secret.
required: false
auth_kind:
choices:
- application
- machineaccount
- serviceaccount
- accesstoken
default: environment variable 'GCP_AUTH_KIND'
description:
- The type of credential used.
required: true
type: str
access_token:
description:
- An OAuth2 access token if credential type is accesstoken.
type: str
service_account_file:
description:
- The path of a Service Account JSON file if serviceaccount is selected as type.
type: path
service_account_email:
description:
- An optional service account email address if machineaccount is selected and the
user does not wish to use the default email.
type: str
service_account_contents:
description:
- The contents of a Service Account JSON file, either in a dictionary or as a JSON
string that represents it.
type: jsonarg
_raw: description: - secret content string