Documentation

hashivault_read_to_file - Hashicorp Vault read module

New in version 3.8.3.

Synopsis

  • Reads and deocdes a base64 encoded file from Hashicorp Vault and saves it to disk. Implementation in /plugins/action/hashivault_read_to_file.py.

Parameters

Parameter Choices/Defaults Comments
authtype Default:
token
authentication type to use: token, userpass, github, ldap, approle
dest
fully qualified path name of file to write to remote host.
force Default:
no
force overwrite of file.
key
secret key/name of file to read from vault.
mode Default:
436
file permissions of file to write on remote host.
in octal, don't forget leading zero!
password
password to login to vault.
secret
vault secret to read.
token Default:
to environment variable VAULT_TOKEN
token for vault
url Default:
to environment variable VAULT_ADDR
url for vault
username
username to login to vault.
verify Default:
to environment variable VAULT_SKIP_VERIFY
verify TLS certificate

Examples

---
- hosts: localhost
  tasks:
    - hashivault_read_to_file:
        secret: 'giant'
        key: 'foo.dat'
        dest: '/tmp/foo.dat'

Status

Author

  • Developed for AT&T by Nicholas Gibson, August 2017

Hint

If you notice any issues in this documentation you can edit this document to improve it.