XLAB Steampunk logo Try Spotter
 / home / community / community.hashi_vault / 6.2.0 / filter / vault_login_token

community.hashi_vault.vault_login_token (6.2.0) — filter

Extracts the Vault token from a login or token creation

| "added in version" 2.2.0 of community.hashi_vault"

Authors: Brian Scholer (@briantist)

Install collection | Add to requirements.yml | Description | Usage examples | Inputs | Outputs

Install collection

Install with ansible-galaxy collection install community.hashi_vault:==6.2.0


Add to requirements.yml

  collections:
    - name: community.hashi_vault
      version: 6.2.0

Description

Extracts the token value from the structure returned by a Vault token creation operation.

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Set defaults
  vars:
    ansible_hashi_vault_url: https://vault:9801/
    ansible_hashi_vault_auth_method: userpass
    ansible_hashi_vault_username: user
    ansible_hashi_vault_password: "{{ lookup('env', 'MY_SECRET_PASSWORD') }}"
  module_defaults:
    community.hashi_vault.vault_login:
      url: '{{ ansible_hashi_vault_url }}'
      auth_method: '{{ ansible_hashi_vault_auth_method }}'
      username: '{{ ansible_hashi_vault_username }}'
      password: '{{ ansible_hashi_vault_password }}'
  block:
    - name: Perform a login with a lookup and display the token
      vars:
        login_response: "{{ lookup('community.hashi_vault.vault_login') }}"
      debug:
        msg: "The token is {{ login_response | community.hashi_vault.vault_login_token }}"

    - name: Perform a login with a module
      community.hashi_vault.vault_login:
      register: login_response

    - name: Display the token
      debug:
        msg: "The token is {{ login_response | community.hashi_vault.vault_login_token }}"
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Use of optional_field
  vars:
    lookup_login_response: "{{ lookup('community.hashi_vault.vault_login') }}"
    my_data:
      something: somedata
      vault_login: "{{ lookup_login_response }}"

    token_from_param: "{{ my_data | community.hashi_vault.vault_login_token(optional_field='vault_login') }}"
    token_from_deref: "{{ my_data['vault_login'] | community.hashi_vault.vault_login_token }}"
    # if the optional field doesn't exist, the dictionary itself is still checked
    unused_optional: "{{ my_data['vault_login'] | community.hashi_vault.vault_login_token(optional_field='missing') }}"
  block:
    - name: Display the variables
      ansible.builtin.debug:
        var: '{{ item }}'
      loop:
        - my_data
        - token_from_param
        - token_from_deref
        - unused_optional

Inputs

    
_input:
    description:
    - A dictionary matching the structure returned by a login or token creation.
    required: true
    type: dict

optional_field:
    default: login
    description:
    - If this field exists in the input dictionary, then the value of that field is used
      as the I(_input) value.
    - The default value deals with the difference between the output of lookup plugins,
      and does not need to be changed in most cases.
    - See the examples or the Filter guide for more information.
    type: string

Outputs

_value:
  description: The token value.
  returned: always
  sample: s.nnrpog4i5gjizr6b8g1inwj3
  type: string

See also

Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy