Documentation

conjur_variable – Fetch credentials from CyberArk Conjur.

New in version 2.5.

Synopsis

  • Retrieves credentials from Conjur using the controlling host’s Conjur identity. Conjur info: https://www.conjur.org/.

Requirements

The below requirements are needed on the local master node that executes this lookup.

Parameters

Parameter Choices/Defaults Configuration Comments
_term
- / required
Variable path
config_file
path
Default:
/etc/conjur.conf
ini entries:

[conjur,]
config_file_path = /etc/conjur.conf

env:CONJUR_CONFIG_FILE
Path to the Conjur configuration file. The configuration file is a YAML file.
identity_file
path
Default:
/etc/conjur.identity
ini entries:

[conjur,]
identity_file_path = /etc/conjur.identity

env:CONJUR_IDENTITY_FILE
Path to the Conjur identity file. The identity file follows the netrc file format convention.

Examples

- debug:
    msg: "{{ lookup('conjur_variable', '/path/to/secret') }}"

Return Values

Common return values are documented here, the following are the fields unique to this lookup:

Key Returned Description
_raw
-
Value stored in Conjur.



Status

Authors

  • UNKNOWN

Hint

If you notice any issues in this documentation you can edit this document to improve it.