This Ansible module allows you to authenticate with Devolutions Server and fetch server information, vaults, and secrets.
Consult our GitHub to learn more about Ansible Module for Devolutions Server.
Authenticate with Devolutions Server using application identities.
Fetch server information, vault lists, or specific secrets.
Flexible support for static secrets or fetching all secrets in a vault.
Ansible 2.18
Python
requestslibraryA Devolutions Server application identity (create at
{your-dvls-url}/administration/applications).The application must have permissions to fetch the desired secrets.
export DVLS_APP_KEY="your_app_key_here"
export DVLS_APP_SECRET="your_app_secret_here"
Define the secrets you want to fetch in secrets.yml:
secrets:
- secret_name: "my_secret_1"
- secret_name: "my_secret_2"
- secret_id: "12345678-1234-1234-1234-123456789012"
Use the following playbook to authenticate with Devolutions Server and fetch the secrets defined in secrets.yml:
vars_files:
- secrets.yml
tasks:
- name: Fetch secrets
devolutions.dvls.fetch_secrets:
server_base_url: "https://example.yourcompany.com"
app_key: ""
app_secret: ""
vault_id: "00000000-0000-0000-0000-000000000000"
secrets: ""
register: value
- name: Dump secrets
debug:
msg: ""
- name: Dump a secret
debug:
msg: ""
Use the following playbook to authenticate with Devolutions Server and fetch every secrets from a defined VaultID:
tasks:
- name: Fetch secrets
devolutions.dvls.fetch_secrets:
server_base_url: "https://example.yourcompany.com"
app_key: ""
app_secret: ""
vault_id: "00000000-0000-0000-0000-000000000000"
register: value
- name: Dump secrets
debug:
msg: ""
- name: Dump a secret
debug:
msg: ""
---
- name: Fetch dvls server information
server:
server_base_url: "https://example.yourcompany.com"
app_key: ""
app_secret: ""
register: value
- name: Fetch URI
debug:
msg: ""
- name: Fetch a vault from the list
debug:
msg: ""
Example response
{
"server": {
"accessURI": "https://example.dvls-server.com/",
"changed": false,
"failed": false,
"vaults": [
{
"description": "User vault for personal entries",
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "User"
},
{
"description": "Shared vault for organization",
"id": "987f6543-d21c-43ba-987f-123456789abc",
"name": "Organization vault",
"type": "Shared"
}
],
"version": "2025.1.0.0"
}
}
To access a particular field within a secret, you can use the format ``. Here's a breakdown of the available categories and their fields:
| Category | Fields |
|---|---|
| Username and password | domain, password, username |
| Connection string | connectionString |
| Secret | password |
| API key | apiId, apiKey, tenantId |
| SSH key | domain, password, privateKeyData, privateKeyOverridePassword, privateKeyPassPhrase, publicKeyData, username |
| Azure service principal | clientId, clientSecret, tenantId |
For example, if you want to access the apiId from an API key secret, you would use the following syntax:
If there is an existing secret in that path, it will update the secret. Otherwise a new secret entry will be created. When a new secret was created or updated, the module will return the entry ID.
- name: Upload Credentials to DVLS
devolutions.dvls.create_secret:
server_base_url: "https://example.yourcompany.com"
app_key: ""
app_secret: ""
vault_id: "00000000-0000-0000-0000-000000000000"
secret:
secret_name: "my_secret_1"
value: "p@ssw0rd1"
Example with additional available options (Currently only the "Credential" type and "Default" subtype are supported):
- name: Upload Credentials to DVLS
devolutions.dvls.create_secret:
server_base_url: "https://example.yourcompany.com"
app_key: ""
app_secret: ""
vault_id: "00000000-0000-0000-0000-000000000000"
secret:
secret_name: "my_secret_1"
value: "p@ssw0rd1"
secret_path: "path\\to\\folder"
secret_type: "Credentials"
secret_subtype: "Default"
secret_description: "a description for the secret"
Share your feedback