aws_secret – Look up secrets stored in AWS Secrets Manager
New in version 2.8.
Synopsis
Look up secrets stored in AWS Secrets Manager provided the caller has the appropriate permissions to read the secret.
Lookup is based on the secret’s Name value.
Optional parameters can be passed into this lookup: version_id and version_stage.
Requirements
The below requirements are needed on the local master node that executes this lookup.
boto3
botocore>=1.10.0
Parameters
Examples
- name: Create RDS instance with aws_secret lookup for password param
  rds:
    command: create
    instance_name: app-db
    db_engine: MySQL
    size: 10
    instance_type: db.m1.small
    username: dbadmin
    password: "{{ lookup('aws_secret', 'DbSecret') }}"
    tags:
      Environment: staging
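The Synopsis names version_id and version_stage, but the example above uses neither. The playbook below is an added example, not part of the original documentation: it selects secret versions by staging label and by version ID, and keeps the values out of task output with no_log. The play layout, variable names and the version UUID are assumptions; AWSCURRENT and AWSPREVIOUS are the staging labels Secrets Manager maintains across a rotation.

```yaml
# Added example (not from the original page). 'DbSecret' is the secret name
# used in the example above; every other name here is an assumption.
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    # Latest version of the secret (label moved here after a rotation).
    db_password_current: "{{ lookup('aws_secret', 'DbSecret', version_stage='AWSCURRENT') }}"
    # Version that was current before the last rotation.
    db_password_previous: "{{ lookup('aws_secret', 'DbSecret', version_stage='AWSPREVIOUS') }}"
    # Pin to one exact version. The UUID is a placeholder, not a real version ID.
    # Vars are evaluated lazily, so this lookup only runs if the variable is referenced.
    db_password_pinned: "{{ lookup('aws_secret', 'DbSecret', version_id='00000000-0000-0000-0000-000000000000') }}"
  tasks:
    - name: Confirm rotation produced a new value without printing either one
      assert:
        that:
          - db_password_current != db_password_previous
      # Without no_log, a failed assertion or -v output can expose the values.
      no_log: true
```

The identity running the playbook needs secretsmanager:GetSecretValue on the secret. Scoping that permission to the specific secret ARN keeps the lookup from reading other secrets in the account.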
Return Values
Common return values are documented here; the following are the fields unique to this lookup:
Key | Returned | Description |
---|---|---|
_raw | - | Returns the value of the secret stored in AWS Secrets Manager. |
Status
This lookup is not guaranteed to have a backwards compatible interface. [preview]
This lookup is maintained by the Ansible Community. [community]
Authors
Aaron Smith <ajsmith10381@gmail.com>
Hint
Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.