azure.azcollection.azure_rm_adpassword_info (2.3.0) — module

Install collection

Install with ansible-galaxy collection install azure.azcollection:==2.3.0

Add to requirements.yml

  collections:
    - name: azure.azcollection
      version: 2.3.0

Description

Get application password info.

Requirements

• python >= 2.7
• The host that executes this module must have the azure.azcollection collection installed via galaxy
• All python packages listed in collection's requirements-azure.txt must be installed via pip on the host that executes modules from azure.azcollection
• Full installation instructions may be found https://galaxy.ansible.com/azure/azcollection

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: get ad password info
  azure_rm_adpassword_info:
    app_id: "{{ app_id }}"
    key_id: "{{ key_id }}"

Inputs

    
value:
    description:
    - The application password value.
    - Length greater than 18 characters.
    type: str

app_id:
    description:
    - The application ID.
    type: str

key_id:
    description:
    - The password key ID.
    type: str

secret:
    description:
    - Azure client secret. Use when authenticating with a Service Principal.
    type: str

tenant:
    description:
    - Azure tenant ID. Use when authenticating with a Service Principal.
    type: str

ad_user:
    description:
    - Active Directory username. Use when authenticating with an Active Directory user
      rather than service principal.
    type: str

profile:
    description:
    - Security profile found in ~/.azure/credentials file.
    type: str

end_date:
    description:
    - Date or datemtime after which credentials expire.
    - Default value is one year after current time.
    type: str

log_mode:
    description:
    - Parent argument.
    type: str

log_path:
    description:
    - Parent argument.
    type: str

password:
    description:
    - Active Directory user password. Use when authenticating with an Active Directory
      user rather than service principal.
    type: str

client_id:
    description:
    - Azure client ID. Use when authenticating with a Service Principal or Managed Identity
      (msi).
    - Can also be set via the C(AZURE_CLIENT_ID) environment variable.
    type: str

thumbprint:
    description:
    - The thumbprint of the private key specified in I(x509_certificate_path).
    - Use when authenticating with a Service Principal.
    - Required if I(x509_certificate_path) is defined.
    type: str
    version_added: 1.14.0
    version_added_collection: azure.azcollection

api_profile:
    default: latest
    description:
    - Selects an API profile to use when communicating with Azure services. Default value
      of C(latest) is appropriate for public clouds; future values will allow use with
      Azure Stack.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

auth_source:
    choices:
    - auto
    - cli
    - credential_file
    - env
    - msi
    default: auto
    description:
    - Controls the source of the credentials to use for authentication.
    - Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
    - When set to C(auto) (the default) the precedence is module parameters -> C(env)
      -> C(credential_file) -> C(cli).
    - When set to C(env), the credentials will be read from the environment variables
    - When set to C(credential_file), it will read the profile from C(~/.azure/credentials).
    - When set to C(cli), the credentials will be sources from the Azure CLI profile.
      C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used
      to identify the subscription ID if more than one is present otherwise the default
      az cli subscription is used.
    - When set to C(msi), the host machine must be an azure resource with an enabled MSI
      extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID)
      can be used to identify the subscription ID if the resource is granted access to
      more than one subscription, otherwise the first subscription is chosen.
    - The C(msi) was added in Ansible 2.6.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

app_object_id:
    description:
    - The application object ID.
    type: str

subscription_id:
    description:
    - Your Azure subscription Id.
    type: str

cloud_environment:
    default: AzureCloud
    description:
    - For cloud environments other than the US public cloud, the environment name (as
      defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a
      metadata discovery endpoint URL (required for Azure Stack). Can also be set via
      credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

adfs_authority_url:
    description:
    - Azure AD authority url. Use when authenticating with Username/password, and has
      your own ADFS authority.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

cert_validation_mode:
    choices:
    - ignore
    - validate
    description:
    - Controls the certificate validation behavior for Azure endpoints. By default, all
      modules will validate the server certificate, but when an HTTPS proxy is in use,
      or against Azure Stack, it may be necessary to disable this behavior by passing
      C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION)
      environment variable.
    type: str
    version_added: 0.0.1
    version_added_collection: azure.azcollection

x509_certificate_path:
    description:
    - Path to the X509 certificate used to create the service principal in PEM format.
    - The certificate must be appended to the private key.
    - Use when authenticating with a Service Principal.
    type: path
    version_added: 1.14.0
    version_added_collection: azure.azcollection

disable_instance_discovery:
    default: false
    description:
    - Determines whether or not instance discovery is performed when attempting to authenticate.
      Setting this to true will completely disable both instance discovery and authority
      validation. This functionality is intended for use in scenarios where the metadata
      endpoint cannot be reached such as in private clouds or Azure Stack. The process
      of instance discovery entails retrieving authority metadata from https://login.microsoft.com/
      to validate the authority. By setting this to **True**, the validation of the authority
      is disabled. As a result, it is crucial to ensure that the configured authority
      host is valid and trustworthy.
    - Set via credential file profile or the C(AZURE_DISABLE_INSTANCE_DISCOVERY) environment
      variable.
    type: bool
    version_added: 2.3.0
    version_added_collection: azure.azcollection

service_principal_object_id:
    description:
    - The service principal object ID.
    type: str

Outputs

passwords:
  contains:
    custom_key_identifier:
      description:
      - Custom key identifier.
      returned: always
      sample: None
      type: str
    end_date:
      description:
      - Date or datemtime after which credentials expire.
      - Default value is one year after current time.
      returned: always
      sample: '2021-06-18T06:51:25.508304+00:00'
      type: str
    key_id:
      description:
      - The password key ID.
      returned: always
      sample: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
      type: str
    start_date:
      description:
      - Date or datetime at which credentials become valid.
      - Default value is current time
      returned: always
      sample: '2020-06-18T06:51:25.508304+00:00'
      type: str
  description:
  - The password info.
  returned: success
  type: dict

See also

• Sign in with Azure CLI: How to authenticate using the C(az login) command. link