Machine credential injector

Archives AWX Project
1

Hi,

I create a AWX credential with machine type.

How can I access username and password fields of this credential in a playbook ?

Thank you.

2

Hello Ahmed,

The following playbook is an example that how to use machine credentials in your playbook:

`

  • hosts: all
    vars:
    machine:
    username: ‘{{ machine_credential_user }}’
    password: ‘{{ machine_credential_password }}’

tasks:

  • debug:

var: machine

`

Thanks
Soniya

3

Hello Soniya,

I have tried your solution but it does not work. I get “VARIABLE IS NOT DEFINED!” error.
is there any documentation about cred injection in AWX ?

4

Hello Ahmed,

You are getting this error because ansible fact caching is disabled. Variables ‘{{ machine_credential_user }}’ and ‘{{ machine_credential_password }}’ are present in ansible fact cache. To use these credentials you have to enable fact caching by setting gather_facts: true.

is there any documentation about cred injection in AWX ?
Yes we can achieve this task by creating a custom credential type. Credential types consist of two key concepts – “inputs” and “injectors“. Where:
Inputs: define the value types that are used for this credential – such as a username, a password, a token, or any other identifier that’s part of the credential.
Injectors: describe how these credentials are exposed for Ansible to use – this can be Ansible extra variables, environment variables, or templated file content.

Here are the steps:

Creating the Custom Credential type in Ansible AWX:

  1. Login Ansible AWX with administrator privileges.
  2. Navigate to custom credential type and click on “+” to create new.
  3. Update the input & inject fields with desired values. In this example, I am creating the custom credential type for Machine_cred authentication.

Input:

`
fields:

  • type: string
    id: machine_credential_user
    label: Machine username

  • type: string
    id: machine_credential_password
    label: “Machine password”
    secret: True

required:

  • machine_credential_user
  • machine_credential_password

`

Injector:

`
extra_vars:
username: ‘{{ machine_credential_user }}’
password: ‘{{ machine_credential_password }}’

`

And then you will see the newly created credential type.

  1. Then Navigate to Credential. Create a new credential for Machine authentication. Click on the Credential type’s search box.
  2. Select the credential type which we have created for Machine_cred.
  3. Enter machine username & password to authenticate to the portal.
  4. In your playbook, you need to call the injector’s extra-vars for successful authentication. Refer step : 3 to know the extra_vars.

Example:

`

  • name: Create a your job by using Ansible playbook

<Your_JobName>:
name: MachineJobdemo
user: “{{ username }}”
password: “{{ password }}”

`

  1. Add Machine credential in playbook template if your job requires machine authentication.

Hope this solution will work for you. Please revert in case of any query

Thanks
Soniya