Fetch AWS Secret in playbook

amkur p

Mar 20, 2021, 6:30:14 AM
to Ansible Project
Hi Community

I wrote the below playbook to fetch an AWS secret, but it says syntax error. So can anyone please advise as to what might be going wrong?

Playbook
---
# including vars from vault, containing access and secret key
- include_vars: ../../../vault_vars.yml

- name: fetch cert key
  set_fact:
    wild: "{{ lookup('aws_secret', 'DigiCertCA', bypath=true, region='us-east-1', 'aws_access_key'='{{dev_access_key}}', 'aws_secret_key'='{{dev_secret_key}}' )}}"


Error Message :

fatal: [localhost]: FAILED! => {
    "msg": "template error while templating string: invalid syntax for function call expression. String: {{ lookup('aws_secret', 'DigiCertCA', bypath=true, region='us-east-1', 'aws_access_key'='{{dev_access_key}}', 'aws_secret_key'='{{dev_secret_key}}' )}}"
}


Regards,
Amkur

Jorge Rúa

Mar 20, 2021, 6:34:47 AM
to ansible...@googlegroups.com
Remove the single commas on all arguments, otherwise they will be literally interpreted as strings.
wild: "{{ lookup(aws_secret='DigiCertCA', bypath=true, region='us-east-1', aws_access_key='{{dev_access_key}}', aws_secret_key='{{dev_secret_key}}' )}}"

amkur p

Mar 20, 2021, 7:03:29 AM
to Ansible Project
Thank you for your response, that too didn't work out. Got the templating type error:

fatal: [localhost]: FAILED! => {
    "msg": "Unexpected templating type error occurred on ({{ lookup(aws_secret='DigiCertCA', bypath=true, region='us-east-1', aws_access_key='{{dev_access_key}}', aws_secret_key='{{dev_secret_key}}' )}}): _lookup() takes at least 2 arguments (1 given)"
}

Playbook

---
- include_vars: ../../../vault_vars.yml

- name: fetch datadog api key
  set_fact:
    wild: "{{ lookup(aws_secret='DigiCertCA', bypath=true, region='us-east-1', aws_access_key='{{dev_access_key}}', aws_secret_key='{{dev_secret_key}}' )}}"

Regards,
Amkur

Stefan Hornburg (Racke)

Mar 20, 2021, 8:14:22 AM
to ansible...@googlegroups.com
On 3/20/21 12:03 PM, amkur p wrote:
> Thank you for your response, that too didn't work out. Got the templating type error
>
> fatal: [localhost]: FAILED! => {
>     "msg": "Unexpected templating type error occurred on ({{ lookup(aws_secret='DigiCertCA', bypath=true,
> region='us-east-1', aws_access_key='{{dev_access_key}}', aws_secret_key='{{dev_secret_key}}' )}}): _lookup() takes at
> least 2 arguments (1 given)"
> }
>

For starters I think "lookup(aws_secret='DigiCertCA'" is incorrect.

It should be lookup('aws_secret', ....)

Regards
Racke

--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.


amkur p

Mar 20, 2021, 9:08:08 AM
to ansible...@googlegroups.com
Thank you Stefan for your response.

That also didn't work. Got the below error. It is a syntax error.

fatal: [localhost]: FAILED! => {
    "msg": "template error while templating string: expected token ',', got '='. String: {{ lookup('aws_secret'=DigiCertCA, bypath=true, region='us-east-1', aws_access_key='{{dev_access_key}}', aws_secret_key='{{dev_secret_key}}' )}}"
}

Playbook
---
- include_vars: ../../../vault_vars.yml

- name: fetch datadog api key
  set_fact:
    wild: "{{ lookup('aws_secret'=DigiCertCA, bypath=true, region='us-east-1', aws_access_key='{{dev_access_key}}', aws_secret_key='{{dev_secret_key}}' )}}"

Regards,
Amkur


--
Best...Ankur Porwal

Stefan Hornburg (Racke)

Mar 20, 2021, 9:11:50 AM
to ansible...@googlegroups.com
On 3/20/21 2:07 PM, amkur p wrote:
> Thank you Stefan for your response.
>
> That also didn't work. Got the below error. It is a syntax error.
>
> fatal: [localhost]: FAILED! => {
>     "msg": "template error while templating string: expected token ',', got '='. String: {{
> lookup('aws_secret'=DigiCertCA, bypath=true, region='us-east-1', aws_access_key='{{dev_access_key}}',
> aws_secret_key='{{dev_secret_key}}' )}}"
> }
>

That's no surprise really. Please look up at the examples in the documentation and don't try
to shove random strings to Ansible.

Regards
Racke
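
The call form the replies in this thread point toward, written out as an added example that is not part of any post above. It reuses the names from the posted playbook (`DigiCertCA`, `dev_access_key`, `dev_secret_key`, `vault_vars.yml`); leaving out `bypath=true` and adding `no_log` are choices made for this example.

```yaml
---
# Added example, not code from the thread. File path and variable names are
# the ones used in the posts above.
- include_vars: ../../../vault_vars.yml

# Forms that failed in the thread, and why the Jinja2 parser rejected them:
#   'aws_access_key'='{{dev_access_key}}'  keyword names must not be quoted
#   lookup(aws_secret='DigiCertCA', ...)   the plugin name must be the first
#                                          positional argument, not a keyword
#   lookup('aws_secret'=DigiCertCA, ...)   a quoted string cannot be a keyword name
- name: fetch cert key
  set_fact:
    # Positional arguments: plugin name, then the secret name.
    # Keyword arguments: unquoted names. Variables are referenced bare inside
    # the expression, without a nested {{ }}.
    # bypath=true from the posts is omitted here (assumption: DigiCertCA is a
    # single secret name); bypath makes the plugin treat the term as a path
    # prefix rather than one secret.
    wild: "{{ lookup('aws_secret', 'DigiCertCA', region='us-east-1', aws_access_key=dev_access_key, aws_secret_key=dev_secret_key) }}"
  no_log: true   # keep the fetched secret out of task output and logs

- name: confirm a value came back without printing it
  assert:
    that:
      - wild is defined
      - wild | length > 0
    quiet: true
  no_log: true
```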
