aiyor.gcp.gcp_secrets (1.0.1) — lookup

Authors: unknown

Install collection

Install with ansible-galaxy collection install aiyor.gcp:==1.0.1


Add to requirements.yml

  collections:
    - name: aiyor.gcp
      version: 1.0.1

Description

This lookup returns a list of the secrets stored in GCP Secret Manager, provided the caller has the appropriate permissions to read the secret metadata. It does not return secret payloads, only a list of the secrets' resource names.


Requirements

Usage examples

- ansible.builtin.debug: # Using service account json authentication file
    msg: |
         List of secrets in Secret Manager: {{ 
         lookup(
           'gcp_secrets',
           project='my-gcp-project-id',
           auth_kind='serviceaccount', 
           service_account_file='/tmp/myserviceaccountfile.json')
         }}
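
An added example, not part of the collection's own documentation: a playbook that uses the returned names to check the project's secret inventory against an allowlist, authenticating with `auth_kind='accesstoken'` so no key file has to sit on disk. The `GCP_ACCESS_TOKEN` environment variable, the allowlist entries and the `projects/<project>/secrets/<name>` shape of the returned names are assumptions.

```yaml
# Added example (not from the collection): audit Secret Manager names against an allowlist.
- name: Audit Secret Manager inventory
  hosts: localhost
  gather_facts: false
  vars:
    gcp_project: my-gcp-project-id   # placeholder project, as in the usage example
    # Constructed allowlist of short secret names expected in the project.
    expected_secrets:
      - db-password
      - api-signing-key
  tasks:
    - name: List secret resource names (metadata only, no payloads)
      ansible.builtin.set_fact:
        # query() always returns a list; lookup() would join the items with commas.
        # GCP_ACCESS_TOKEN is an assumed variable holding a short-lived OAuth2 token.
        # The regex keeps the last path segment; it is a no-op on bare names.
        secret_names: >-
          {{ query('aiyor.gcp.gcp_secrets',
                   project=gcp_project,
                   auth_kind='accesstoken',
                   access_token=lookup('ansible.builtin.env', 'GCP_ACCESS_TOKEN'))
             | map('regex_replace', '^.*/', '')
             | list }}
      no_log: true   # hides the task's arguments and result in output and logs

    - name: Fail when the project holds secrets that are not on the allowlist
      ansible.builtin.assert:
        that:
          - secret_names | difference(expected_secrets) | length == 0
        fail_msg: "Unexpected secrets: {{ secret_names | difference(expected_secrets) | join(', ') }}"

    - name: Report expected secrets that are missing
      ansible.builtin.debug:
        msg: "Missing secrets: {{ expected_secrets | difference(secret_names) | join(', ') }}"
      when: expected_secrets | difference(secret_names) | length > 0
```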

Inputs

    
scopes:
    default: https://www.googleapis.com/auth/cloud-platform
    description:
    - Array of scopes to be used
    elements: str
    type: list

secret:
    description:
    - The name of the secret.
    required: true

project:
    default: environment variable 'GCP_PROJECT'
    description:
    - GCP project number.
    required: true

auth_kind:
    choices:
    - application
    - machineaccount
    - serviceaccount
    - accesstoken
    default: environment variable 'GCP_AUTH_KIND'
    description:
    - The type of credential used.
    required: true
    type: str

access_token:
    description:
    - An OAuth2 access token if credential type is accesstoken.
    type: str

service_account_file:
    description:
    - The path of a Service Account JSON file if serviceaccount is selected as type.
    type: path

service_account_email:
    description:
    - An optional service account email address if machineaccount is selected and the
      user does not wish to use the default email.
    type: str

service_account_contents:
    description:
    - The contents of a Service Account JSON file, either in a dictionary or as a JSON
      string that represents it.
    type: jsonarg

Outputs

_raw:
  description:
  - secret names - list of string