Browse Source

update my password rotation playbook

master
Markus Bergholz 5 months ago
parent
commit
a88b80cecc
1 changed files with 10 additions and 7 deletions
  1. +10
    -7
      ansible/rotate_aws_password.yml

+ 10
- 7
ansible/rotate_aws_password.yml View File

@@ -3,9 +3,6 @@
connection: local
gather_facts: False

vars:
lesspass_profile: "{{ lookup('file', 'aws.json') | from_json}}"

vars_prompt:
- name: AWS_PROFILE
prompt: AWS Profile?
@@ -14,9 +11,15 @@
- name: MASTER_PASSWORD
prompt: master password?
private: yes
tasks:
- name: LESSPASS_PROFILE_FILE
prompt: Lesspass Profile
private: no
default: aws.prod.json

vars:
lesspass_profile: "{{ lookup('file', '/home/m/git/passwords/' + LESSPASS_PROFILE_FILE ) | from_json}}"

tasks:
- name: Get the current caller identity facts
aws_caller_info:
profile: "{{ AWS_PROFILE }}"
@@ -24,9 +27,9 @@

- name: calculate password
set_fact:
password: "{{ lookup('lesspass', MASTER_PASSWORD, profile='aws.json', site='aws-' + caller_facts.account ) }}"
password: "{{ lookup('lesspass', MASTER_PASSWORD, profile='/home/m/git/passwords/' + LESSPASS_PROFILE_FILE ) }}"

- name: Create two new IAM users with API keys
- name: update iam password
iam:
iam_type: user
profile: "{{ AWS_PROFILE }}"


Loading…
Cancel
Save