Skip to content

In here you will learn how to safely pass secrets from Ansible Automation Platform to a script.

License

Notifications You must be signed in to change notification settings

ericcames/aap.secrets-scripts

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Ansible Automation Platform (AAP) secrets to scripts.

This repository will show you how pass secrets to a script in a safe and secure way.

Secrets to localhost (AKA the execution environment)

This method creates an environment variable on the execution environment that is used by the python script.

AAP Credential Type configurations

Input configuration

fields:
  - id: DYNATRACE_API_KEY
    type: string
    label: Dynatrace API Token
    secret: true
  - id: freshservice_api_key
    type: string
    label: Fresh Service API Token
    secret: true
required:
  - DYNATRACE_API_KEY

Injector configuration

env:
  DYNATRACE_API_KEY: '{{ DYNATRACE_API_KEY }}'
  freshservice_api_key: '{{ freshservice_api_key }}'

Custom Credential playbook

alt text alt text alt text

Secrets to a remotehost method 1

Pass secrets from a vaulted file using vars_files playbook. For this method to work you will need to create a vault credential in your AAP and relate it to your job template.

alt text

Example vault contents

dynatrace_api_key: 123456_secrets_are_here

Secrets to a remotehost method 2

Pass secret from an inbeded vault file using vars playbook. For this method to work you will need to create a vault credential in your AAP and relate it to your job template.

alt text

Example vault contents

123456_secrets_are_here

About

In here you will learn how to safely pass secrets from Ansible Automation Platform to a script.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages