Ansible vault_write module

I am looking to try and use the vault write module to add a certificate to our vault for vaultagent.

Example vault command:

    vault write auth/cert/certs/server-001 display_name=server-001 policies=policy-1 certificate=@server-001.pem token_max_ttl=0s token_bound_cidrs=""

Would it be possible to use the community.hashi_vault.vault_write module in Ansible to achieve the same thing?

Hi @kellyo ,

Welcome to the forum.

Yes, I imagine that module could be used. Have you consulted its documentation, and do you have some specific questions as a result?

Hi @maxb ,

It was around the extra parameters and how to use them with the module, which wasn't made clear in the documentation.

I have however resolved it, so for anyone else looking to do similar, here is sample code.

    - name: Write new cert to Vault
      community.hashi_vault.vault_write:
        url: "{{ vaultserver }}"
        path: auth/cert/certs/{{ inventory_hostname }}
        data:
          certificate: "{{ lookup('file', cert) }}"
          display_name: "{{ inventory_hostname }}"
          # Quoted: a YAML value that starts with an unquoted {{ fails to parse
          policies: "{{ policy }}"
          token_max_ttl: 0s
          token_bound_cidrs: ""
        auth_method: ldap
        username: '{{ username }}'
        password: '{{ passwd }}'
      register: result
      delegate_to: localhost
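
Added example, not part of the thread or of the collection's documentation: the same write with `token_bound_cidrs` set to the host's own address instead of the empty string (which leaves issued tokens unrestricted by source address), followed by a read-back check. It assumes facts are gathered so `ansible_default_ipv4` exists, that the LDAP user may read the role, that `vault_read` returns the role fields under `data.data`, and it reuses the thread's variables.

```yaml
# Added example (not from the thread). Assumes gathered facts and the
# thread's variables: vaultserver, cert, policy, username, passwd.
- name: Write cert role with tokens bound to the host's address
  community.hashi_vault.vault_write:
    url: "{{ vaultserver }}"
    path: "auth/cert/certs/{{ inventory_hostname }}"
    data:
      certificate: "{{ lookup('file', cert) }}"
      display_name: "{{ inventory_hostname }}"
      policies: "{{ policy }}"
      token_max_ttl: 0s
      # Assumption: the agent reaches Vault from this address (no NAT or proxy).
      token_bound_cidrs: "{{ ansible_default_ipv4.address }}/32"
    auth_method: ldap
    username: "{{ username }}"
    password: "{{ passwd }}"
  delegate_to: localhost

- name: Read the role back
  community.hashi_vault.vault_read:
    url: "{{ vaultserver }}"
    path: "auth/cert/certs/{{ inventory_hostname }}"
    auth_method: ldap
    username: "{{ username }}"
    password: "{{ passwd }}"
  register: role
  delegate_to: localhost

- name: Fail if the stored role is not what was intended
  ansible.builtin.assert:
    that:
      # Assumption: the raw read response nests the role fields under data.data.
      - role.data.data.display_name == inventory_hostname
      - role.data.data.token_bound_cidrs | length > 0
    fail_msg: "Cert role for {{ inventory_hostname }} is missing its CIDR binding"
```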