azure / azure.azcollection / 0.3.0 / module / azure_rm_keyvault_info Get Azure Key Vault facts | "added in version" 2.9 of azure.azcollection" Authors: Yunge Zhu (@yungezz) preview | supported by communityazure.azcollection.azure_rm_keyvault_info (0.3.0) — module
Install with ansible-galaxy collection install azure.azcollection:==0.3.0
collections: - name: azure.azcollection version: 0.3.0
Get facts of Azure Key Vault.
- name: Get Key Vault by name azure_rm_keyvault_info: resource_group: myResourceGroup name: myVault
- name: List Key Vaults in specific resource group azure_rm_keyvault_info: resource_group: myResourceGroup
- name: List Key Vaults in current subscription azure_rm_keyvault_info:
name: description: - The name of the key vault. tags: description: - Limit results by providing a list of tags. Format tags as 'key' or 'key:value'. secret: description: - Azure client secret. Use when authenticating with a Service Principal. type: str tenant: description: - Azure tenant ID. Use when authenticating with a Service Principal. type: str ad_user: description: - Active Directory username. Use when authenticating with an Active Directory user rather than service principal. type: str profile: description: - Security profile found in ~/.azure/credentials file. type: str password: description: - Active Directory user password. Use when authenticating with an Active Directory user rather than service principal. type: str client_id: description: - Azure client ID. Use when authenticating with a Service Principal. type: str api_profile: default: latest description: - Selects an API profile to use when communicating with Azure services. Default value of C(latest) is appropriate for public clouds; future values will allow use with Azure Stack. type: str version_added: '2.5' version_added_collection: azure.azcollection auth_source: choices: - auto - cli - credential_file - env - msi description: - Controls the source of the credentials to use for authentication. - If not specified, ANSIBLE_AZURE_AUTH_SOURCE environment variable will be used and default to C(auto) if variable is not defined. - C(auto) will follow the default precedence of module parameters -> environment variables -> default profile in credential file C(~/.azure/credentials). - When set to C(cli), the credentials will be sources from the default Azure CLI profile. - Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable. - When set to C(msi), the host machine must be an azure resource with an enabled MSI extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used to identify the subscription ID if the resource is granted access to more than one subscription, otherwise the first subscription is chosen. - The C(msi) was added in Ansible 2.6. type: str version_added: '2.5' version_added_collection: azure.azcollection resource_group: description: - The name of the resource group to which the key vault belongs. subscription_id: description: - Your Azure subscription Id. type: str cloud_environment: default: AzureCloud description: - For cloud environments other than the US public cloud, the environment name (as defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a metadata discovery endpoint URL (required for Azure Stack). Can also be set via credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable. type: str version_added: '2.4' version_added_collection: azure.azcollection adfs_authority_url: description: - Azure AD authority url. Use when authenticating with Username/password, and has your own ADFS authority. type: str version_added: '2.6' version_added_collection: azure.azcollection cert_validation_mode: choices: - ignore - validate description: - Controls the certificate validation behavior for Azure endpoints. By default, all modules will validate the server certificate, but when an HTTPS proxy is in use, or against Azure Stack, it may be necessary to disable this behavior by passing C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION) environment variable. type: str version_added: '2.5' version_added_collection: azure.azcollection
keyvaults: contains: access_policies: contains: object_id: description: The object if of a user, service principal or security group in AAD for the vault. returned: always sample: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx type: str permissions: contains: certificates: description: Permissions to secrets. returned: always sample: - get - import type: list keys: description: Permissions to keys. returned: always sample: - get - create type: list secrets: description: Permissions to secrets. returned: always sample: - list - set type: list description: Permissions the identity has for keys, secrets and certificates. returned: always type: complex tenant_id: description: The AAD tenant iD that should be used for authenticating requests to the key vault. returned: always sample: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx type: str description: - Location of the vault. returned: always type: list enabled_for_deployments: description: - Whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. returned: always sample: false type: bool enabled_for_disk_encryption: description: - Whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. returned: always sample: false type: bool enabled_for_template_deployment: description: - Whether Azure Resource Manager is permitted to retrieve secrets from the key vault. returned: always sample: false type: bool id: description: - Resource Id of the vault. returned: always sample: /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVault type: str location: description: - Location of the vault. returned: always sample: eastus type: str name: description: - Name of the vault. returned: always sample: myVault type: str sku: contains: family: description: Sku family name. returned: always sample: A type: str name: description: Sku name. returned: always sample: standard type: str description: - Sku of the vault. returned: always type: dict tags: description: - List of tags. sample: - foo type: list vault_uri: description: - Vault uri. returned: always sample: https://myVault.vault.azure.net/ type: str description: List of Azure Key Vaults. returned: always type: list