New in version 2.9.
/secret, but you can provide an alternate location as secret. This includes both immediate subkeys and subkey paths, like the vault list command.| Parameter | Choices/Defaults | Comments |
|---|---|---|
| authtype |
Default: token
|
authentication type to use: token, userpass, github, ldap, approle
|
| ca_cert |
Default: to environment variable VAULT_CACERT
|
path to a PEM-encoded CA cert file to use to verify the Vault server TLS certificate
|
| ca_path |
Default: to environment variable VAULT_CAPATH
|
path to a directory of PEM-encoded CA cert files to verify the Vault server TLS certificate : if ca_cert is specified, its value will take precedence
|
| client_cert |
Default: to environment variable VAULT_CLIENT_CERT
|
path to a PEM-encoded client certificate for TLS authentication to the Vault server
|
| client_key |
Default: to environment variable VAULT_CLIENT_KEY
|
path to an unencrypted PEM-encoded private key matching the client certificate
|
| password |
Default: to environment variable VAULT_PASSWORD
|
password to login to vault.
|
| secret |
Default: |
secret path to list. If this does not begin with a
/ then it is interpreted as a subpath of /secret. This is always interpreted as a "directory": if a key /secret/foo exists, and you pass /secret/foo as secret, then the key itself will not be returned, but subpaths like /secret/foo/bar will. |
| token |
Default: to environment variable VAULT_TOKEN
|
token for vault
|
| url |
Default: to environment variable VAULT_ADDR
|
url for vault
|
| username |
Default: to environment variable VAULT_USER
|
username to login to vault.
|
| verify |
Default: to environment variable VAULT_SKIP_VERIFY
|
if set, do not verify presented TLS certificate before communicating with Vault server : setting this variable is not recommended except during testing
|
---
- hosts: localhost
tasks:
- hashivault_list:
secret: 'giant'
register: 'fie'
- debug: msg="Known secrets are {{ fie.secrets|join(', ') }}"
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
secrets
list
|
success |
list of secrets found, if any
Sample:
['giant', 'stalks/']
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.