community.general.systemd_creds_decrypt module – systemd‘s systemd-creds decrypt plugin
Note
This module is part of the community.general collection (version 10.2.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.systemd_creds_decrypt.
New in community.general 10.2.0
Synopsis
This module decrypts input using
systemd‘ssystemd-creds decrypt.
Parameters
Parameter |
Comments |
|---|---|
The credential name to validate the embedded credential name. |
|
Whether to add a trailing newline character to the end of the output, if not present. Choices:
|
|
The secret to decrypt. |
|
The timestamp to use to validate the Takes a timestamp specification in the format described in |
|
Whether to transcode the output before returning it. Choices:
|
|
A user name or numeric UID when decrypting from a specific user context. If set to the special string Requires |
Attributes
Attribute |
Support |
Description |
|---|---|---|
Support: full This action does not modify state. |
Can run in |
|
Support: N/A This action does not modify state. |
Will return details on what has changed (or possibly needs changing in |
Notes
Note
systemd-credsrequiressystemd250 or later.
Examples
- name: Decrypt secret
community.general.systemd_creds_decrypt:
name: db
secret: "WhQZht+JQJax1aZemmGLxmAAAA..."
register: decrypted_secret
- name: Print the decrypted secret
ansible.builtin.debug:
msg: "{{ decrypted_secret }}"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The decrypted secret. Note that Ansible only supports returning UTF-8 encoded strings. If the decrypted secret is binary data, or a string encoded in another way, use Returned: always Sample: |