Try SpotterGet secrets from Thycotic DevOps Secrets Vault
| "added in version" 1.0.0 of community.general"
Authors: Adam Migus (@amigus) <adam@migus.org>
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
- name: community.general
version: 8.5.0Uses the Thycotic DevOps Secrets Vault Python SDK to get Secrets from a DSV O(tenant) using a O(client_id) and O(client_secret).
- hosts: localhost
vars:
secret: "{{ lookup('community.general.dsv', '/test/secret') }}"
tasks:
- ansible.builtin.debug:
msg: 'the password is {{ secret["data"]["password"] }}'
tld:
default: com
description: The top-level domain of the tenant; the second format parameter in the
default O(url_template).
env:
- name: DSV_TLD
ini:
- key: tld
section: dsv_lookup
required: false
_terms:
description: The path to the secret, for example V(/staging/servers/web1).
required: true
tenant:
description: The first format parameter in the default O(url_template).
env:
- name: DSV_TENANT
ini:
- key: tenant
section: dsv_lookup
required: true
client_id:
description: The client_id with which to request the Access Grant.
env:
- name: DSV_CLIENT_ID
ini:
- key: client_id
section: dsv_lookup
required: true
url_template:
default: https://{}.secretsvaultcloud.{}/v1
description: The path to prepend to the base URL to form a valid REST API request.
env:
- name: DSV_URL_TEMPLATE
ini:
- key: url_template
section: dsv_lookup
required: false
client_secret:
description: The client secret associated with the specific O(client_id).
env:
- name: DSV_CLIENT_SECRET
ini:
- key: client_secret
section: dsv_lookup
required: true
_list:
description:
- One or more JSON responses to C(GET /secrets/{path}).
- See U(https://dsv.thycotic.com/api/index.html#operation/getSecret).
elements: dict
type: list