sensu.sensu_go.secret module – Manage Sensu Go secrets
Note
This module is part of the sensu.sensu_go collection (version 1.14.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install sensu.sensu_go.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: sensu.sensu_go.secret.
New in sensu.sensu_go 1.6.0
Synopsis
Create, update or delete Sensu secret.
For more information, refer to the Sensu documentation at https://docs.sensu.io/sensu-go/latest/operations/manage-secrets/secrets/.
Requirements
The below requirements are needed on the host that executes this module.
python >= 2.7
Parameters
Parameter |
Comments |
|---|---|
Authentication parameters. Can define each of them with ENV as well. |
|
The API key that should be used when authenticating. If this is not set, the value of the SENSU_API_KEY environment variable will be checked. This replaces auth.user and auth.password parameters. For more information about the API key, refer to the official Sensu documentation at https://docs.sensu.io/sensu-go/latest/guides/use-apikey-feature/. |
|
Path to the CA bundle that should be used to validate the backend certificate. If this parameter is not set, module will use the CA bundle that python is using. It is also possible to set this parameter via the SENSU_CA_PATH environment variable. |
|
The Sensu user’s password. If this is not set the value of the SENSU_PASSWORD environment variable will be checked. This parameter is ignored if the auth.api_key parameter is set. Default: |
|
Location of the Sensu backend API. If this is not set the value of the SENSU_URL environment variable will be checked. Default: |
|
The username to use for connecting to the Sensu API. If this is not set the value of the SENSU_USER environment variable will be checked. This parameter is ignored if the auth.api_key parameter is set. Default: |
|
Flag that controls the certificate validation. If you are using self-signed certificates, you can set this parameter to ONLY USE THIS PARAMETER IN DEVELOPMENT SCENARIOS! In you use self-signed certificates in production, see the auth.ca_path parameter. It is also possible to set this parameter via the SENSU_VERIFY environment variable. Choices:
|
|
Secret’s id in the provider store. Required if state is |
|
The Sensu resource’s name. This name (in combination with the namespace where applicable) uniquely identifies the resource that Ansible operates on. If the resource with selected name already exists, Ansible module will update it to match the specification in the task. Consult the name metadata attribute specification in the upstream docs on https://docs.sensu.io/sensu-go/latest/reference/ for more details about valid names and other restrictions. |
|
RBAC namespace to operate in. If this is not set the value of the SENSU_NAMESPACE environment variable will be used. Default: |
|
Name of the secrets provider that backs the secret value. Required if state is |
|
Target state of the Sensu object. Choices:
|
See Also
See also
- sensu.sensu_go.secret_info
List available Sensu Go secrets.
- sensu.sensu_go.secrets_provider_env
Manage Sensu Env secrets provider.
- sensu.sensu_go.secrets_provider_vault
Manage Sensu VaultProvider secrets providers.
- sensu.sensu_go.secrets_provider_info
List Sensu secrets providers.
Examples
- name: Create an environment varibale-backed secret
sensu.sensu_go.secret:
name: env_secret
provider: env
id: MY_ENV_VARIABLE
- name: Create a HashiCorp Vault-backed secret
sensu.sensu_go.secret:
name: hashi_valut_secret
provider: vault
id: secret/store#name
- name: Delete a secret
sensu.sensu_go.secret:
name: my_secret
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Object representing Sensu secret. Returned: success Sample: |