Skip to content

secret

Collection Note

This module is part of the networktocode.nautobot collection. To install the collection, use:

ansible-galaxy collection install networktocode.nautobot
Added in version 5.11.0.

You need further requirements to be able to use this module, see the Requirements section for details.

Synopsis

  • Creates or removes secrets from Nautobot

Requirements

The following Python packages are needed on the host that executes this module:

Parameters

Parameter Defaults / Choices Comments
api_version
str
API Version Nautobot REST API
Version Added: 4.1.0
custom_fields
dict
Must exist in Nautobot and in key/value format
Version Added: 3.0.0
description
str
A description of the secret
id
str
The UUID of the object to operate on
Version Added: 5.13.0
name
str
The name of the secret
Required if I(state=present) and the secret does not exist yet
parameters
dict
A dictionary of parameters for the secret
Required if I(state=present) and the secret does not exist yet
provider
str
The provider of the secret (e.g., environment-variable, text-file)
Required if I(state=present) and the secret does not exist yet
query_params
list / elements=str
This can be used to override the specified values in ALLOWED_QUERY_PARAMS that is defined
in plugins/module_utils/utils.py and provides control to users on what may make
an object unique in their environment.
Version Added: 3.0.0
state
str
Default: present
Choices: absent, present
Use C(present) or C(absent) for adding or removing.
tags
list / elements=raw
Any tags that this item may need to be associated with
Version Added: 3.0.0
token
str
required
The token created within Nautobot to authorize API access
Can be omitted if the E(NAUTOBOT_TOKEN) environment variable is configured.
url
str
required
The URL of the Nautobot instance resolvable by the Ansible host (for example: http://nautobot.example.com:8000)
Can be omitted if the E(NAUTOBOT_URL) environment variable is configured.
validate_certs
raw
Default: True
If C(no), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
Can be omitted if the E(NAUTOBOT_VALIDATE_CERTS) environment variable is configured.

Notes

Note

  • Tags should be defined as a YAML list
  • This should be ran with connection C(local) and hosts C(localhost)

Examples

---
- name: Create an environment variable secret
  networktocode.nautobot.secret:
    url: http://nautobot.local
    token: thisIsMyToken
    name: Device Password
    description: Password for the device
    provider: environment-variable
    parameters:
      variable: NAUTOBOT_NAPALM_PASSWORD
    state: present

- name: Create a text file secret
  networktocode.nautobot.secret:
    url: http://nautobot.local
    token: thisIsMyToken
    name: Device Certificate
    description: Certificate for the device
    provider: text-file
    parameters:
      file: /path/to/device/certificate.pem
    state: present

- name: Delete a secret
  networktocode.nautobot.secret:
    url: http://nautobot.local
    token: thisIsMyToken
    name: My Secret
    state: absent

- name: Delete a secret by id
  networktocode.nautobot.secret:
    url: http://nautobot.local
    token: thisIsMyToken
    id: 00000000-0000-0000-0000-000000000000
    state: absent

Return Values

Key Data Type Description Returned
msg str Message indicating failure or info about what has been achieved always
secret dict Serialized object as created or already existent within Nautobot success (when I(state=present))

Authors

  • Joe Wesch (@joewesch)