conjur_variable – Fetch credentials from CyberArk Conjur¶
New in version 2.5.
Synopsis¶
Retrieves credentials from Conjur using the controlling host’s Conjur identity. Conjur info: https://www.conjur.org/.
Requirements¶
The below requirements are needed on the local master node that executes this lookup.
The controlling host running Ansible has a Conjur identity. (More: https://developer.conjur.net/key_concepts/machine_identity.html)
Parameters¶
Parameter | Choices/Defaults | Configuration | Comments |
---|---|---|---|
_term
-
/ required
|
Variable path
|
||
config_file
path
|
Default: "/etc/conjur.conf"
|
ini entries:
[conjur,] env:CONJUR_CONFIG_FILE
|
Path to the Conjur configuration file. The configuration file is a YAML file.
|
identity_file
path
|
Default: "/etc/conjur.identity"
|
ini entries:
[conjur,] env:CONJUR_IDENTITY_FILE
|
Path to the Conjur identity file. The identity file follows the netrc file format convention.
|
Examples¶
- debug:
msg: "{{ lookup('conjur_variable', '/path/to/secret') }}"
Return Values¶
Common return values are documented here, the following are the fields unique to this lookup:
Key | Returned | Description |
---|---|---|
_raw
-
|
Value stored in Conjur.
|
Status¶
This lookup is not guaranteed to have a backwards compatible interface. [preview]
This lookup is maintained by the Ansible Community. [community]