Try SpotterFetch credentials from CyberArk Conjur.
| "added in version" 1.0.2 of cyberark.conjur"
Authors: CyberArk BizDev (@cyberark-bizdev)
preview | supported by community
Install with ansible-galaxy collection install cyberark.conjur:==1.2.2
collections:
- name: cyberark.conjur
version: 1.2.2Retrieves credentials from Conjur using the controlling host's Conjur identity or environment variables. Environment variables could be CONJUR_ACCOUNT, CONJUR_APPLIANCE_URL, CONJUR_CERT_FILE, CONJUR_AUTHN_LOGIN, CONJUR_AUTHN_API_KEY, CONJUR_AUTHN_TOKEN_FILE Conjur info - U(https://www.conjur.org/).
---
- hosts: localhost
collections:
- cyberark.conjur
tasks:
- name: Lookup variable in Conjur
debug:
msg: "{{ lookup('cyberark.conjur.conjur_variable', '/path/to/secret') }}"
_terms:
description: Variable path
required: true
as_file:
default: false
description: 'Store lookup result in a temporary file and returns the file path. Thus
allowing it to be consumed as an ansible file parameter (eg ansible_ssh_private_key_file).
'
type: boolean
config_file:
default: /etc/conjur.conf
description: Path to the Conjur configuration file. The configuration file is a YAML
file.
env:
- name: CONJUR_CONFIG_FILE
ini:
- key: config_file_path
section: conjur,
required: false
type: path
identity_file:
default: /etc/conjur.identity
description: Path to the Conjur identity file. The identity file follows the netrc
file format convention.
env:
- name: CONJUR_IDENTITY_FILE
ini:
- key: identity_file_path
section: conjur,
required: false
type: path
validate_certs:
default: true
description: Flag to control SSL certificate validation
type: boolean
authn_token_file:
default: /var/run/conjur/access-token
description: Path to the access token file.
env:
- name: CONJUR_AUTHN_TOKEN_FILE
ini:
- key: authn_token_file
section: conjur,
required: false
type: path
_raw: description: - Value stored in Conjur.