Try SpotterReturns a dynamic host inventory from Open-AudIT
| "added in version" 1.0.0 of sedi.openaudit"
Authors: Thomas Fischer (@se-di)
Install with ansible-galaxy collection install sedi.openaudit:==2.1.0
collections:
- name: sedi.openaudit
version: 2.1.0This inventory plugin will login to Open-AudIT and downloads the device list, fetches all fields, locations and orgs for all devices, maps all fields to (defined) human readable names and finally returns an Ansible inventory. It supports using custom fields in Open-AudIT which can then be used in Ansible as variables. This plugin is B(not) developed by Firstwave (was Opmantek until 2021) nor has any commercial relationship between. It is simply a contribution to the community in the hope it is useful and of course without any warranties.
groups:
default: {}
description: Add hosts to group based on Jinja2 conditionals.
type: dict
plugin:
choices:
- sedi.openaudit.inventory
description: token that ensures this is a config file which is part of this plugin.
required: true
strict:
default: false
description:
- If V(yes) make invalid entries a fatal error, otherwise skip and continue.
- Since it is possible to use facts in the expressions they might not always be available
and we ignore those errors by default.
type: bool
compose:
default: {}
description: Create vars from jinja2 expressions.
type: dict
oa_password:
description:
- Password for logging into the API.
- Avoid storing sensitive data in clear text by using inline encrypted variables.
- e.g. C(ansible-vault encrypt_string 'this-is-a-realpassword!' --name oa_password
--ask-vault-pass)
- At this early stage full encrypted vault files are not accessible.
- If the environment variable C(OA_PASSWORD) is set it will be used instead (i.e.
the environment var wins).
env:
- name: OA_PASSWORD
required: true
oa_username:
description:
- Username for logging into the API.
- Avoid storing sensitive data in clear text by using inline encrypted variables.
- e.g. C(ansible-vault encrypt_string 'this-is-a-real-username' --name oa_username
--ask-vault-pass)
- At this early stage full encrypted vault files are not accessible.
- If the environment variable C(OA_USERNAME) is set it will be used instead (i.e.
the environment var wins).
env:
- name: OA_USERNAME
required: true
keyed_groups:
default: []
description: Add hosts to group based on the values of a variable.
elements: dict
suboptions:
default_value:
description:
- The default value when the host variable's value is an empty string.
- This option is mutually exclusive with O(keyed_groups[].trailing_separator).
type: str
version_added: '2.12'
version_added_collection: ansible.builtin
key:
description:
- The key from input dictionary used to generate groups
type: str
parent_group:
description: parent group for keyed group
type: str
prefix:
default: ''
description: A keyed group name will start with this prefix
type: str
separator:
default: _
description: separator used to build the keyed group name
type: str
trailing_separator:
default: true
description:
- Set this option to V(False) to omit the O(keyed_groups[].separator) after the
host variable when the value is an empty string.
- This option is mutually exclusive with O(keyed_groups[].default_value).
type: bool
version_added: '2.12'
version_added_collection: ansible.builtin
type: list
oa_api_proto:
choices:
- http
- https
description: Protocol to be used for accessing the Open-AudIT server API
required: true
verify_certs:
aliases:
- validate_certs
choices:
- true
- false
default: true
description: Verify the SSL certificate of the Open-AudIT api.
required: false
version_added: 1.3.0
version_added_collection: sedi.openaudit
oa_api_server:
description: FQDN or IP address of the Open-AudIT server API
required: true
use_extra_vars:
default: false
description: Merge extra vars into the available variables for composition (highest
precedence).
env:
- name: ANSIBLE_INVENTORY_USE_EXTRA_VARS
ini:
- key: use_extra_vars
section: inventory_plugins
type: bool
version_added: '2.11'
version_added_collection: ansible.builtin
leading_separator:
default: true
description:
- Use in conjunction with keyed_groups.
- By default, a keyed group that does not have a prefix or a separator provided will
have a name that starts with an underscore.
- This is because the default prefix is "" and the default separator is "_".
- Set this option to False to omit the leading underscore (or other separator) if
no prefix is given.
- If the group name is derived from a mapping the separator is still used to concatenate
the items.
- To not use a separator in the group name at all, set the separator for the keyed
group to an empty string instead.
type: boolean
version_added: '2.11'
version_added_collection: ansible.builtin
oa_fieldsTranslate:
description:
- A dictionary of all C(Ansible variable <-> field-id) mappings.
- Must match with the fields id which can be achieved from C(Manage->Fields) within
the Open-AudIT Web UI.
- For details & examples check the L(documentation,https://github.com/secure-diversITy/ansible_openaudit_inventory/wiki).
required: false
suboptions:
freely-selectable-variable-name:
description:
- Any variable name you wish to use in Ansible.
- It becomes part of the hostvars for a host when you add it to a device in Open-AudIT.
type: int