Cannot write file contents to a kv store

When I try to write a file to a kv store I get the error that I do not define -token flag but when I look in the logs I see that the correct token is passed on.

When doing this myself in my own terminal it the command does work after setting all the variables (token, url, namespace).

I use the Hashicorp Cloud vault, tier development

Version of Ansible: 2.13.7
Version of Vault cli on Ansible controller: 1.12.2

Ansible task to write file to kv store.

Logs from Ansible.

Hi, use “environment” in ansible. Ex:

- name: Enable transit engine
  ansible.builtin.command: vault secrets enable transit
  environment:
    VAULT_ADDR: "{{ vault_config_api_addr }}"
    VAULT_TOKEN: "{{ vault_token }}"
  changed_when: false

When I tried this, I get the same error that I have not defined the -token flag.

I got it working with enviroment like you said.

Cheers!

Because you must remove “-address” and “-token” from your cli call

Yeah I only just figured that out. :stuck_out_tongue:

And it’s “more secure”. Environment (so, your token) isn’t show on screen.

I am late to this conversation, but I’d like to add that the -token option to Vault does not exist.

It didn’t work because you just made up an option from nowhere - that’s what the error message was trying to tell you.

Yeah I figured that out as well, I thought because you have to export vault_token there would also be a option to pass the token via the cli but I was wrong.

At least I learned a valuable lesson. :stuck_out_tongue: