Fortigate (FortiOS) API Token Encryption (AAP)

[Ramesh]

Hello All,

I am using Ansible Automation Platform Trail Verson. Wanted to know if possible to encrypt API Token which is Part of Playbook Execution. Don't want to keep in variable file which will be part of Playbook Folder. 

---

- hosts: all

  collections:

   - fortinet.fortios

  connection: httpapi

  vars:

   vdom: "root"

   ansible_httpapi_use_ssl: yes

   ansible_httpapi_validate_certs: no

   ansible_httpapi_port: 443

   

  tasks:

  - name: Configure global attributes.

    fortios_system_global:

      vdom:  "{{ vdom }}"

      access_token: "abcdefgh12345"

      system_global:

        admintimeout: "60"

        hostname: "{{ fortigate_hostname }}"

[kurokobo]

Hi,

To achieve your goal, my recommendation is defining new Custom Credential Type for Fortigate.

This allows any string to be stored encrypted and passed to Job as an arbitrary Extra Variable or Environment Variable, similar to the built-in credential type.

https://docs.ansible.com/automation-controller/latest/html/userguide/credential_types.html

Alternatively you can use Ansible Vault but in my opinion Credential Type is the preferred AAP-native way.

Regards,

--

@kurokobo

------- Original Message -------

--
You received this message because you are subscribed to the Google Groups "AWX Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to awx-project...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/3a313944-1820-4436-be55-5eea781f0542n%40googlegroups.com.

[Ramesh]

Thanks for you help. Started Creating Cred Type