* Allowing the ability to pass aws session paramters to credstash lookup Fixes #21536 https://github.com/ansible/ansible/issues/21536 * Default environment variable lookup To get around non lookup of environment variables. First, check for environment variables, then look for parameters * Following AWS Precedence http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#config-settings-and-precedence
This commit is contained in:
Ben Waters
Ryan Brown
parent
bdccc2df3c
commit
be5e2251a7
1 changed files with 9 additions and 1 deletions
|
|
@ -17,6 +17,8 @@
|
|||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
|
||||
import os
|
||||
|
||||
from ansible.errors import AnsibleError
|
||||
from ansible.plugins.lookup import LookupBase
|
||||
|
||||
|
|
@ -41,8 +43,14 @@ class LookupModule(LookupBase):
|
|||
version = kwargs.pop('version', '')
|
||||
region = kwargs.pop('region', None)
|
||||
table = kwargs.pop('table', 'credential-store')
|
||||
profile_name = kwargs.pop('profile_name', os.getenv('AWS_PROFILE', None))
|
||||
aws_access_key_id = kwargs.pop('aws_access_key_id', os.getenv('AWS_ACCESS_KEY_ID', None))
|
||||
aws_secret_access_key = kwargs.pop('aws_secret_access_key', os.getenv('AWS_SECRET_ACCESS_KEY', None))
|
||||
aws_session_token = kwargs.pop('aws_session_token', os.getenv('AWS_SESSION_TOKEN', None))
|
||||
kwargs_pass = {'profile_name': profile_name, 'aws_access_key_id': aws_access_key_id,
|
||||
'aws_secret_access_key': aws_secret_access_key, 'aws_session_token': aws_session_token}
|
||||
val = credstash.getSecret(term, version, region, table,
|
||||
context=kwargs)
|
||||
context=kwargs, **kwargs_pass)
|
||||
except credstash.ItemNotFound:
|
||||
raise AnsibleError('Key {0} not found'.format(term))
|
||||
except Exception as e:
|
||||
|
|
|
|||
Loading…
Reference in a new issue