masterlittle / masterlittle.google / 1.0.9 / lookup / gsm Look up secrets stored in Google Secrets Manager. Authors: Shitij Goyal<goyalshitij@gmail.com>masterlittle.google.gsm (1.0.9) — lookup
Install with ansible-galaxy collection install masterlittle.google:==1.0.9
collections: - name: masterlittle.google version: 1.0.9
Look up secrets stored in Google Secrets Manager provided the caller has the appropriate permissions to read the secret.
Lookup is based on the secret's I(Name) value.
Optional parameters can be passed into this lookup; I(version_id)
- name: lookup secretsmanager secret in the current region debug: msg="{{ lookup('masterlittle.google.gsm','/path/to/secrets', project_id='project-id') }}"
- name: skip if secret does not exist debug: msg="{{ lookup('masterlittle.google.gsm', 'secret-not-exist', project_id='project-id', on_missing='skip')}}"
- name: warn if access to the secret is denied debug: msg="{{ lookup('masterlittle.google.gsm', 'secret-denied', project_id='project-id', on_denied='warn')}}"
- name: lookup secretsmanager secret in the current region using the nested feature debug: msg="{{ lookup('masterlittle.google.gsm', 'secrets.environments.production.password', project_id='project-id', nested=true) }}"
join: default: false description: - Join two or more entries to form an extended secret. type: boolean _terms: description: Name of the secret to look up in Google Secrets Manager. required: true nested: default: false description: A boolean to indicate the secret contains nested values. type: boolean version_added: 1.0.0 version_added_collection: masterlittle.google on_denied: choices: - error - skip - warn default: error description: - Action to take if access to the secret is denied. - C(error) will raise a fatal error when access to the secret is denied. - C(skip) will silently ignore the denied secret. - C(warn) will skip over the denied secret but issue a warning. type: string on_missing: choices: - error - skip - warn default: error description: - Action to take if the secret is missing. - C(error) will raise a fatal error when the secret is missing. - C(skip) will silently ignore the missing secret. - C(warn) will skip over the missing secret but issue a warning. type: string project_id: description: The project ID in which the secrets reside required: true version_id: description: Version of the secret(s). required: false
_raw: description: Returns the value of the secret stored in Google Secrets Manager.