You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible documentation.

ansible.builtin.subelements lookup – traverse nested key from a list of dictionaries

Note

This lookup plugin is part of ansible-core and included in all Ansible installations. In most cases, you can use the short plugin name subelements even without specifying the collections: keyword. However, we recommend you use the FQCN for easy linking to the plugin documentation and to avoid conflicting with other collections that may have the same lookup plugin name.

New in version 1.4: of ansible.builtin

Synopsis

• Subelements walks a list of hashes (aka dictionaries) and then traverses a list with a given (nested sub-)key inside of those records.

Parameters

Parameter	Comments
_terms string / required	tuple of list of dictionaries and dictionary key to extract
skip_missing string	Lookup accepts this flag from a dictionary as optional. See Example section for more information. If set to True, the lookup plugin will skip the lists items that do not contain the given subkey. If set to False, the plugin will yield an error and complain about the missing subkey. Default: “no”

Examples

- name: show var structure as it is needed for example to make sense
  hosts: all
  vars:
    users:
      - name: alice
        authorized:
          - /tmp/alice/onekey.pub
          - /tmp/alice/twokey.pub
        mysql:
            password: mysql-password
            hosts:
              - "%"
              - "127.0.0.1"
              - "::1"
              - "localhost"
            privs:
              - "*.*:SELECT"
              - "DB1.*:ALL"
        groups:
          - wheel
      - name: bob
        authorized:
          - /tmp/bob/id_rsa.pub
        mysql:
            password: other-mysql-password
            hosts:
              - "db1"
            privs:
              - "*.*:SELECT"
              - "DB2.*:ALL"
  tasks:
    - name: Set authorized ssh key, extracting just that data from 'users'
      authorized_key:
        user: "{{ item.0.name }}"
        key: "{{ lookup('file', item.1) }}"
      with_subelements:
         - "{{ users }}"
         - authorized

    - name: Setup MySQL users, given the mysql hosts and privs subkey lists
      mysql_user:
        name: "{{ item.0.name }}"
        password: "{{ item.0.mysql.password }}"
        host: "{{ item.1 }}"
        priv: "{{ item.0.mysql.privs | join('/') }}"
      with_subelements:
        - "{{ users }}"
        - mysql.hosts

    - name: list groups for users that have them, don't error if groups key is missing
      debug: var=item
      loop: "{{ q('subelements', users, 'groups', {'skip_missing': True}) }}"

Return Values

Common return values are documented here, the following are the fields unique to this lookup:

Key	Description
_list string	list of subelements extracted Returned: success

Authors

• Serge van Ginderachter

Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.

Collection links

Issue Tracker Repository (Sources) Communication