The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Ansible AWX Plugin - secret fetch via playbook

Below, please find an example of using Ansible AWX with Akeyless Vault for storing credentials.
There are two main parameters used to configure the connection to Vault - the URL to the vault itself, and a token to use. These are used by the lookup plugin via the environment variables VAULT_ADDR and VAULT_TOKEN.

Prepare AWX Environment

Clone the project and check all the dependencies as mentioned in the getting started section: https://github.com/ansible/awx/blob/devel/INSTALL.md#getting-started

Run compose docker (run sudo ansible-playbook -i inventory install.yml): https://github.com/ansible/awx/blob/devel/INSTALL.md#docker-compose

Note: you might need to run ‘sudo mkdir /root/.awx/awxcompose’

Configure Vault

Create new project:

Create new Vault credential:

Create new Ansible AWX credential (make sure you have a secret named test):

📘

Please note

The username & password in the Ansible AWX credential (depicted above) are related to connecting hosts. These credentials are not relevant in our example. For further reading - https://docs.ansible.com/ansible-tower/3.5.1/html/userguide/credentials.html#ansible-tower

📘

Vault directory fetching (path/to/dir/*)

Only first level files in the directory will be fetched.
Only static secret will be shown.
If there are two secrets with the same key in the json it will be overridden (secret1:{"hello":"world"} & secret2:{"hello":"world2"}====>the result will contain one of the secrets).
If secret /path/to/secret has non json value: v1, vault will return the following response {"/path/to/secret":"v1"}.

Create new template:

Launch the template:

Fetching all secrets from a folder

For fetching all secrets in folder named "keys":

When fetching “secret/data/keys/*” in the Ansible AWX credentials:

Updated 4 months ago

Ansible AWX Plugin - secret fetch via playbook


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.