community / community.general / 3.8.10 / lookup / dsv Get secrets from Thycotic DevOps Secrets Vault | "added in version" 1.0.0 of community.general" Authors: Adam Migus (@amigus) <adam@migus.org>community.general.dsv (3.8.10) — lookup
Install with ansible-galaxy collection install community.general:==3.8.10
collections: - name: community.general version: 3.8.10
Uses the Thycotic DevOps Secrets Vault Python SDK to get Secrets from a DSV I(tenant) using a I(client_id) and I(client_secret).
- hosts: localhost vars: secret: "{{ lookup('community.general.dsv', '/test/secret') }}" tasks: - ansible.builtin.debug: msg: 'the password is {{ secret["data"]["password"] }}'
tld: default: com description: The top-level domain of the tenant; the second format parameter in the default I(url_template). env: - name: DSV_TLD ini: - key: tld section: dsv_lookup required: false _terms: description: The path to the secret, e.g. C(/staging/servers/web1). required: true tenant: description: The first format parameter in the default I(url_template). env: - name: DSV_TENANT ini: - key: tenant section: dsv_lookup required: true client_id: description: The client_id with which to request the Access Grant. env: - name: DSV_CLIENT_ID ini: - key: client_id section: dsv_lookup required: true url_template: default: https://{}.secretsvaultcloud.{}/v1 description: The path to prepend to the base URL to form a valid REST API request. env: - name: DSV_URL_TEMPLATE ini: - key: url_template section: dsv_lookup required: false client_secret: description: The client secret associated with the specific I(client_id). env: - name: DSV_CLIENT_SECRET ini: - key: client_secret section: dsv_lookup required: true
_list: description: - One or more JSON responses to C(GET /secrets/{path}). - See U(https://dsv.thycotic.com/api/index.html#operation/getSecret). elements: dict type: list