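---
# Test playbook for the hashivault policy modules. It removes the `oldbob`
# policy, sets it from an inline variable, sets it again from a rules file,
# then deletes it, asserting after each write that the module reported a
# change and returned rc 0.
#
# NOTE(review): no Vault URL or token is passed to any module here, so the
# connection settings presumably come from the environment - confirm, and
# point this at a disposable test Vault, since it deletes the `oldbob` policy.
- hosts: localhost
  gather_facts: false
  vars:
    # Vault ACL policy (HCL) used as the fixture. Full access is granted only
    # below secret/oldbob/; the bare secret/oldbob path is list-only.
    # A literal block (`|`) keeps the HCL line breaks exactly as written
    # instead of relying on how a folded scalar joins the lines.
    bobs_rules: |
      path "secret/oldbob/*" {
        capabilities = ["create", "read", "update", "delete", "list"]
      }
      path "secret/oldbob" {
        capabilities = ["list"]
      }
  tasks:
    # Start from a known state so the first set below must report a change.
    - name: Remove any existing policy
      hashivault_policy:
        name: oldbob
        state: absent

    - name: Set new policy
      hashivault_policy_set:
        name: oldbob
        rules: "{{ bobs_rules }}"
      register: vault_policy_set
    # `that` entries are already evaluated as Jinja expressions. Wrapping them
    # in {{ }} renders the registered value first and then evaluates the
    # rendered text a second time, so the conditions are written bare.
    - name: Check that the inline policy was written
      assert:
        that:
          - vault_policy_set.changed == True
          - vault_policy_set.rc == 0

    - name: Set new policy from file
      hashivault_policy_set_from_file:
        name: oldbob
        rules_file: "templates/policy_rules.hcl"
      register: vault_policy_set
    - name: Check that the policy from file was written
      assert:
        that:
          - vault_policy_set.changed == True
          - vault_policy_set.rc == 0

    - name: Delete new policy
      hashivault_policy_delete:
        name: oldbob
      register: vault_policy_delete
    - name: Check that the policy was deleted
      assert:
        that:
          - vault_policy_delete.changed == True
          - vault_policy_delete.rc == 0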