Ansible AWX Multiple Credentials for Play
What Are Custom Credential Types?
Custom credential types in AWX and AAP allow you to define new forms of credentials tailored to specific authentication needs. These can include SSH keys, API tokens, passwords, or any other unique authentication method required by your automation scripts. They are customizable templates that dictate how credentials are structured, stored, and used.
Why Use Custom Credential Types?
- Flexibility: Create credentials that match your specific needs.
- Security: Ensure sensitive data is securely managed according to your organization’s policies.
- Consistency: Standardize credentials across various automation tasks and environments.
Creating Custom Credential Types in AWX/AAP
- Log in to the AWX/AAP Web Interface: Open your browser and access the AWX dashboard.
- Navigate to the Credential Types Tab: Click on “Administration” in the sidebar, then go to “Credential Types” and click “Add”.
- Create a New Credential Type:
Example:
Name: BackupJob Credential Type
Add the input_configuration arguments:

    fields:
      - id: arista_username
        type: string
        label: arista username
      - id: arista_password
        type: string
        label: arista password
        secret: true
      - id: opnsense_username
        type: string
        label: opnsense username
      - id: opnsense_password
        type: string
        label: opnsense password
        secret: true
    required:
      - arista_username
      - arista_password
      - opnsense_username
      - opnsense_password

Add the injector configuration. This is what is used to inject the credential into the playbook:

    extra_vars:
      arista_password: '{{ arista_password }}'
      arista_username: '{{ arista_username }}'
      opnsense_password: '{{ opnsense_password }}'
      opnsense_username: '{{ opnsense_username }}'

Using Custom Credential Types in AWX/AAP
The new credential type will now be available for you to use as a template to create new credentials.
- Create a New Credential:
- Navigate to the Credentials: Click on “Resources” in the sidebar, then go to “Credentials” and click “Add”.
- Give it a name and description.
- From the Credential Type dropdown, choose the template you just created.
- Add your credentials and save your new credential.
Using Custom Credential in a job template
- Navigate to the Templates: Click on “Resources” in the sidebar, then go to “Templates” and click on the template to which you wish to add the credential.
The variables you define in the injector configuration are how you will use the new credential in your playbook:

    ---
    - name: Backup config to SFTP Server
      hosts: opnsense
      ignore_unreachable: true
      vars:
        # Both values are supplied by the custom credential's extra_vars injector
        ansible_user: "{{ opnsense_username }}"
        ansible_password: "{{ opnsense_password }}"

Best Practices for Custom Credential Types
- Secure Input Fields: Mark sensitive fields as secret to protect them.
- Consistent Naming: Use descriptive names for credential types to avoid confusion.
- Regular Updates: Periodically update credentials to maintain security.
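
A way to check a credential type definition against the "Secure Input Fields" practice before saving it, as an added example that is not part of the original page or of AWX itself. It goes beyond the secret flag and also checks that every injector variable maps to a defined field; the function name lint_credential_type, the sensitive-name heuristic and the "weak" variant are assumptions made for illustration.

```python
import copy
import re

# Heuristic (an assumption of this example): ids containing these words hold secrets.
SENSITIVE = re.compile(r"pass|secret|token|key", re.I)
# Captures the variable name inside a Jinja expression such as '{{ arista_password }}'.
JINJA_VAR = re.compile(r"\{\{\s*([A-Za-z_]\w*)")


def lint_credential_type(inputs, injectors):
    """Return sorted findings for one credential type (inputs + injectors)."""
    fields = {f["id"]: f for f in inputs.get("fields", [])}
    findings = []
    for fid, field in fields.items():
        if SENSITIVE.search(fid) and not field.get("secret", False):
            findings.append(f"{fid}: looks sensitive but is not marked secret")
    for fid in inputs.get("required", []):
        if fid not in fields:
            findings.append(f"{fid}: required but not defined in fields")
    used = set()
    for section, mapping in injectors.items():  # e.g. extra_vars
        for target, template in mapping.items():
            for var in JINJA_VAR.findall(str(template)):
                used.add(var)
                # 'tower' is AWX's own namespace (e.g. tower.filename), not a field
                if var not in fields and var != "tower":
                    findings.append(f"{var}: used by {section}.{target} but not defined")
    findings += [f"{fid}: defined but never injected" for fid in fields.keys() - used]
    return sorted(findings)


# The credential type from this page, written as Python dicts.
NAMES = ["arista_username", "arista_password", "opnsense_username", "opnsense_password"]
PAGE_INPUTS = {
    "fields": [
        {"id": n, "type": "string", "label": n.replace("_", " "),
         **({"secret": True} if n.endswith("password") else {})}
        for n in NAMES
    ],
    "required": list(NAMES),
}
PAGE_INJECTORS = {"extra_vars": {n: "{{ " + n + " }}" for n in NAMES}}

# Constructed weak variant: secret flag dropped and a typo in the injector template.
WEAK_INPUTS = copy.deepcopy(PAGE_INPUTS)
del WEAK_INPUTS["fields"][3]["secret"]
WEAK_INJECTORS = copy.deepcopy(PAGE_INJECTORS)
WEAK_INJECTORS["extra_vars"]["opnsense_password"] = "{{ opnsense_passwd }}"

if __name__ == "__main__":
    for finding in lint_credential_type(WEAK_INPUTS, WEAK_INJECTORS):
        print(finding)
```

The page's own definition produces no findings; the weak variant produces three.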