conjur_variable – Fetch credentials from CyberArk Conjur

New in version 2.5.

Synopsis

  • Retrieves credentials from Conjur using the controlling host’s Conjur identity. Conjur info: https://www.conjur.org/.

Requirements

The below requirements are needed on the local master node that executes this lookup.

Parameters

Parameter Choices/Defaults Configuration Comments
_term
- / required
Variable path
config_file
path
Default:
"/etc/conjur.conf"
ini entries:

[conjur,]
config_file_path = /etc/conjur.conf

env:CONJUR_CONFIG_FILE
Path to the Conjur configuration file. The configuration file is a YAML file.
identity_file
path
Default:
"/etc/conjur.identity"
ini entries:

[conjur,]
identity_file_path = /etc/conjur.identity

env:CONJUR_IDENTITY_FILE
Path to the Conjur identity file. The identity file follows the netrc file format convention.

Examples

- debug:
    msg: "{{ lookup('conjur_variable', '/path/to/secret') }}"

Return Values

Common return values are documented here, the following are the fields unique to this lookup:

Key Returned Description
_raw
-
Value stored in Conjur.



Status

Authors

  • UNKNOWN

Hint

If you notice any issues in this documentation, you can edit this document to improve it.

Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.