Best way to handle an API key

Hi,

I’ve written an Ansible role where I retrieve an API key and persist it using the Register module. This key is obviously only available to this role, but I’d like it to be available to other roles that query the targeted API with this key. What’s the best way to increase the scope of this variable?

Thx

Register variable is tied to the host, not the role, but only inside the same play. So in other words, other roles can already access the variable if run in the same play… and for the same host.

First, register is not a module, it is a keyword that creates a ‘host scoped’ variable. Second, it is not ‘obviouslly role scoped’, this already makes it available to all other roles and plays in the same run.

@bcoca so it’s available across the plays also? My bad. I was under the assumption that registered variables get cleared at each play. Then it’s even better, they are global for that host.

No, you have 3 scopes:

• extra vars: mostly global and overrides all else
• playbook objects: scope is limited to the life of the object and inherited by other playbook objects contained , for example, blocks inherit from play, tasks from blocks. The exception are roles as they CAN export variables up to the play itself (this has a toggle)
• hosts: set_fact/include_vars/inventory/vars plugins and register create variables attached to the host, this is accessible across all playbook objects once set.