Requires a LastPass account and the lpass client.
The lastpass_inventory.py
script uses the lastpass_inventory.yml
configuration file to fetch the named servers from the current logged in
LastPass account using lpass
, and then generate an Ansible
inventory.
The lastpass_inventory.yml
configuration file names and fetches the hosts
using name: identifier
, where the name
variable is what the host will be
named in the inventory and the identifier
is used to identify the host in
LastPass.
Both the name and the ID number from e.g. lpass ls
can be used as an
identifier for a host.
If the ID is omitted, the name will be used as the identifier.
Note that the script will fail if the name or ID is incorrect or missing.
The LastPass user
and password
fields will be used to populate
ansible_user
, ansible_password
and ansible_become_password
.
The ansible_host
address is the extracted netloc from the LastPass url
field
using urllib.parse.urlparse.
Example lpass ls
output:
servers
ansible-managed
test-server-01 [id: 3024014487647346952]
test-server-02 [id: 7815456364361241116]
Configuration file based on the above output:
---
lastpass_hosts:
test-server-01:
test-server-02: test-server-02
webserver: test-server-01
database: "7815456364361241116"
...
Running ansible-inventory -i lastpass_inventory.py --list --yaml
will then
generate the following inventory:
all:
children:
lastpass_hosts:
hosts:
database:
ansible_become_password: SuperSecretLastPass
ansible_host: 10.0.1.2
ansible_password: SuperSecretLastPass
ansible_user: ansibleuser
test-server-01:
ansible_host: 10.0.1.1
ansible_user: ansibleuser
test-server-02:
ansible_become_password: SuperSecretLastPass
ansible_host: 10.0.1.2
ansible_password: SuperSecretLastPass
ansible_user: ansibleuser
webserver:
ansible_host: 10.0.1.1
ansible_user: ansibleuser
ungrouped: {}