Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Ansible playbook to fetch credentials from 1Password and then rotate user credentials
- hosts: "{{ HOSTS }}"
name: Rotate credentials
become: yes
vars:
root_password: "{{ lookup('pipe', 'op item get \"root user\" --fields password') }}"
user_password: "{{ lookup('pipe', 'op item get \"regular user\" --fields password') }}"
tasks:
- name: change user password
no_log: True
ansible.builtin.user:
name: "{{ ansible_user }}"
state: present
password: "{{ user_password | password_hash('sha512') }}"
- name: change root password
no_log: True
ansible.builtin.user:
name: "root"
state: present
password: "{{ root_password | password_hash('sha512') }}"
- name: Sign Off from 1Password
no_log: True
ansible.builtin.set_fact:
signout: "{{ lookup('pipe', 'op signout') }}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment