Ansible - Retrieve Amazon Web Services (AWS) Secret Value
by Jeremy Canfield | Updated: December 20 2023
If you are not familiar with modules, check out Ansible - Getting Started with Modules.
Prerequisites
- Before you can use the Ansible Amazon Web Services (AWS) modules, you will need to install the AWS CLI tool on the hosts that will be using the Ansible Amazon Web Services (AWS) modules. Check out my article on Getting Started with the Ansible Amazon Web Services (AWS) modules.
- You will also need to set your Amazon Web Services (AWS) Profile Configurations. Check out my article Set Amazon Web Services (AWS) Profile Configurations.
- The aws_s3_bucket_info module requires the following packages. Check out my article Resolve "boto3 required for this module".
  - botocore version 1.25.0 or higher
  - boto3 version 1.22.0 or higher
- Python 3.6 or higher must be used. The ansible --version command can be used to list the version of Python being used with Ansible. If your Ansible installation is using a Python version lower than 3.6, one solution would be to install Ansible in a Python virtual environment using Python 3.6 or higher.
- The amazon.aws collection will need to be installed. Check out my article on Install a collection using the ansible-galaxy collection install command.
Here is an example of how to use set_fact to create a variable named greeting that contains the value of the greeting secret.
---
- hosts: localhost
  tasks:
  - name: retrieve the value of the greeting secret
    set_fact:
      greeting: "{{ lookup('amazon.aws.aws_secret', 'greeting' ) }}"

  - debug:
      var: greeting
...
Something like this should be returned.
ok: [localhost] => {
    "msg": {
        "greeting": "Hello World"
    }
}
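The debug task above writes the secret value to the console and to any Ansible log or CI job output. The following playbook is an added example, not part of the original article: it retrieves the same greeting secret with no_log set, fails explicitly if the secret is missing or access is denied, and confirms a value came back without printing it. It assumes the on_missing and on_denied lookup options are available in your installed version of the amazon.aws collection, and the secret_name variable is introduced here for illustration.

```yaml
---
- hosts: localhost
  gather_facts: false
  vars:
    secret_name: greeting   # the secret used in this article

  tasks:
  - name: retrieve the secret without echoing it to the console or logs
    ansible.builtin.set_fact:
      # on_missing / on_denied are set to 'error' so the play stops
      # instead of continuing with an empty value
      greeting: "{{ lookup('amazon.aws.aws_secret', secret_name, on_missing='error', on_denied='error') }}"
    no_log: true            # hides the task result, including with -v

  - name: confirm a value was returned, without printing it
    ansible.builtin.assert:
      that:
      - greeting is defined
      - greeting | length > 0
      quiet: true
      fail_msg: "secret '{{ secret_name }}' was empty"

  - name: report success using only the secret name
    ansible.builtin.debug:
      msg: "secret '{{ secret_name }}' retrieved"
...
```

Any later task that passes greeting as a module argument should also carry no_log: true, because module arguments are shown in verbose output.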