0

I am trying to fetch my keyvalue (myP@ssw0rd) from AWS SSM Parameter store using python boto3. Doing it in an Ansible playbook .yml file. This is the python script that I am using:

 import boto3
 ssm = boto3.client(‘ssm’, region_name=‘us-east-1’)
 response=ssm.get_parameters(Names=[‘MyKeyName’])
 var_value= response[‘Parameters’][0][‘Value’]

I want to use this var_value inside my ansible play book like below: Creating the DD agent

shell: DOCKER_CONTENT_TRUST=1 \
    docker run -d --name ddagent --network my-network -v /var/run/docker.sock:/var/run/docker.sock:ro \
    -v /proc/:/host/proc/:ro \
    -v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \
    -e DD_API_KEY=$var_value \
    datadog/agent:latest

Here I am trying to fetch the value from SSM parameter store(using python boto3) and pass it to Ansible to use in “DD_API_KEY” in above command. Can anyone please let me know what is best way to do it for this usecase?

Improve this question

1 Answer 1

Reset to default
0

Add this line to the python script

print (var_value)

Run the python script using command module or script module(if you need to copy the script to remote machine) and register the output.

- name: run python script
  command: '/path/to/python-executable /home/centos/conf.d/ssmread/ddkeyreadssm.py'
  register: result

- name: creating DD agent
  shell: |
    DOCKER_CONTENT_TRUST=1 \
    docker run -d --name ddagent --network my-network -v /var/run/docker.sock:/var/run/docker.sock:ro \
    -v /proc/:/host/proc/:ro \
    -v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \
    -e DD_API_KEY="{{ result.stdout }}" \
    datadog/agent:latest
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for your comment on same. I did try the approach but held up in error regards to path of .py script Error : {"changed": false, "cmd": "/home/centos/conf.d/ssmread/ddkeyreadssm.py", "msg": "[Errno 8] Exec format error", "rc": 8} here "/home/centos/conf.d/ssmread/ddkeyreadssm.py" is the path where i have my .py file. Also do we need to add "python3" right before the path reference in .yml ?? Presently its as - name: run python script command: "/home/centos/conf.d/ssmread/ddkeyreadssm.py" register: result
There may be other ways but type which python3 you will get the path to python executable, then modify the command module accordingly. Updated the answer.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.