Adding API-Key to the credentials.yml

mikefredrik · ‎08-28-2024

New to Ansible with a better understanding of RestAPI I'm in the beginning of my learning to write Ansible playbooks.
Currently I like to avoid using the export command or hard-code the API-Key in to the playbook.
The solution seams to be to create a credentials.yml file with the API-key.
I follow the guide on this link https://github.com/meraki/dashboard-api-ansible/blob/main/playbooks/credentials.yml
So the file looks like this:
---
meraki_api_key: "my key"
end-of-file

My playbook yml file I try to use looks like the following:

---
- hosts: meraki_servers
gather_facts: false
tasks:
- name: Get all webhooks httpservers
cisco.meraki.networks_webhooks_http_servers_info:
meraki_suppress_logging: true
networkId: 'My network-ID'
register: result

- name: Show current WebHook Servers
ansible.builtin.debug:
msg: "{{ result }}"

end-of-file

If I add meraki_api_key: "My key " befire the networkId line it works if not I receive an error saying meraki_api_key is missing
Ideas?

mikefredrik · ‎08-28-2024

Found one working solution after some testing.
Provide the credential file in the execution of the playbook.
ansible-playbook -e @Api2_key.yml webhook.yaml
api_key.yml contain the following:
---
meraki_api_key: 'my secret key'
eof

in the playbook I added meraki_api_key: "{{ meraki_api_key }}" in the task part of the book

JamesT91 · ‎08-28-2024

If you are storing credentials/keys in .yml files then look into using Ansible Vault for some level of encryption of that data.

mikefredrik · ‎08-28-2024

Aware of the possibilities to use the vault to encrypt the file, the thing is I have not found out how to use this in the playbook.
The content of the encrypted credentials file is something like this (omitted)
ansible@ubuntu-c:~$ cat credentials.yml
$ANSIBLE_VAULT;1.1;AES256
30373530356435393538623861663236306130343136376434326166656638313763356537356239
623436
So how to referense to this in the playbook