/tpmstore

A TeamPasswordManager Module for Ansible

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

Build Status Codecov Scrutinizer Python version license Beerpay

tpmstore - Returns information, creates or updates entries from TeamPasswordManager

Synopsis

Give login information to TeamPasswordManager and it can return information from TeamPasswordManager searches or even create or update entires.

Parameters

General parameters

Parameter Choices/Defaults Comments
tpmurl
required
URL to TeamPasswordManager API. Should always be first parameter.
tpmuser
required
User to authenticate against TeamPasswordManager API. Should always be second parameter.
tpmpass
required
Password to authenticate against TeamPasswordManager API. Should always be third parameter.
search
required: If 'name' is not set.
Searchtstring to use for the TeamPasswordManager search.
name
required: If 'search' is not set.
Name of the entry in TeamPasswordManager. Will search for exact match.
return_value
TeamPasswordManager field
  • password <-- Default
  • any other field that TeamPasswordManager provides
  • Which fields from found entries should be returned.
    create
    Boolean
  • False <-- Default
  • True
  • If False the plugin will only query for a password.
    If True it will update an existing entry or create a new entry if it does not exists in TeamPasswordManager,
    in this case project_id will be required.
    reason
    required: If 'create' is true.
    If an entry is locked, an unlock reason is mandatory.

    Create Parameters

    When create is set to true, following values can be set

    Parameter Choices/Defaults Comments
    project_id
    int
    If a complete new entry is created, we need to assign it to an existing project in TeamPasswordManager.
    password
    string
    Will update or set the field "password" for the TeamPasswordManager entry.
    If set to "random" a new random password will be generated, updated to TeamPasswordManager and returned.
    username
    string
    Will update or set the field "username" for the TeamPasswordManager entry.
    access_info
    string
    Wil update or set the field "access_info" for the TeamPasswordManager entry.
    tags
    string
    Will update or set the field "tags" for the TeamPasswordManager entry.
    email
    string
    Will update or set the field "email" for the TeamPasswordManager entry.
    expiry_date
    string
    Will update or set the field "expiry_date" for the TeamPasswordManager entry.
    notes
    string
    Will update or set the field "notes" for the TeamPasswordManager entry.

    Examples

      vars_prompt:
        - name: "tpmuser"
          prompt: "what is your TeamPasswordManager username?"
          private: no
        - name: "tpmpass"
          prompt: "what is your TeamPasswordManager password?"
          private: yes
      vars:
         tpmurl:   "https://MyTpmHost.example.com"
         retrieve_password: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'name=An existing entry name') }}"
         retrieve_username: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'name=An existing entry name', 'return_value=username')}}"
         search_by_tags: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'search=tags:sshhost') }}"
         retrieve_locked_password: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'name=An existing and locked entry name', 'reason=For Auto Deploy by Ansible') }}"
         newrandom_password: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'name=An existing entry name', 'create=True', 'password=random') }}"
         updatemore_values: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'name=An existing entry name', 'create=True', 'password=random', 'username=root', 'access_info=ssh://root@host', 'tags=root,ssh,aws,cloud', 'notes=Created by Ansible') }}"
         completenew_entry: "{{ lookup('tpmstore', tpmurl, tpmuser, tpmpass, 'name=An existing entry name', 'create=True', 'project_id=4', 'password=random', 'username=root', 'access_info=ssh://root@host', 'tags=root,ssh,aws,cloud', 'notes=Created by Ansible') }}"
    

    Return Values

    Key Returned Description
    _list lists list containing the queried or created password