From 08a03a6092019d0d2d287038a6980020dd90f16c Mon Sep 17 00:00:00 2001 From: Kobbi Gal <195813801+kgal-akl@users.noreply.github.com> Date: Thu, 21 May 2026 13:39:14 -0400 Subject: [PATCH 1/6] added cloud auth info --- .../ansible-awx-plugin/ansible-plugin.md | 133 +++++++++--------- 1 file changed, 69 insertions(+), 64 deletions(-) diff --git a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md index ed47563d3..741f287c5 100644 --- a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md +++ b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md @@ -22,9 +22,17 @@ Before using the Akeyless Ansible plugin, ensure the following prerequisites are * Ansible installed. * The Akeyless Python package installed: - ```shell - pip install akeyless - ``` + ```bash + pip install akeyless + ``` + + If you use `aws_iam`, `gcp`, or `azure_ad` authentication, also install `akeyless-cloud-id` with the matching cloud extra: + + ```bash + pip install "akeyless-cloud-id[aws]" # AWS IAM + pip install "akeyless-cloud-id[gcp]" # GCP + pip install "akeyless-cloud-id[azure]" # Azure AD + ``` * Access to an Akeyless Authentication Method (for example, API Key, AWS IAM, Azure AD, OIDC, or Certificate) with a valid `access_id` and required credentials. * Network access from the Ansible control node to `https://api.akeyless.io` (or to your Akeyless Gateway endpoint if applicable). @@ -67,91 +75,88 @@ To set the Authentication Method, add the following `login` section to your [Ans ```yaml API Key login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'api_key' - access_key: '' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'api_key' + access_key: '' ``` ```yaml AWS IAM login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'aws_iam' - cloud_id: '' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'aws_iam' ``` ```yaml GCP login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'gcp' - cloud_id: '' - gcp_audience: <'gcp_audience'> + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'gcp' + gcp_audience: <'gcp_audience'> ``` ```yaml Azure AD login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'azure_ad' - cloud_id: '' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'azure_ad' ``` ```yaml Email login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'password' - admin_password: '' - admin_email: '' - account_id: '' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'password' + admin_password: '' + admin_email: '' + account_id: '' ``` ```yaml Kubernetes login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'k8s' - k8s_service_account_token: '' - k8s_auth_config_name: '' - akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'k8s' + k8s_service_account_token: '' + k8s_auth_config_name: '' + akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' ``` ```yaml OCI IAM login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'oci' - oci_auth_type: '' - oci_group_ocid: '' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'oci' + oci_auth_type: '' + oci_group_ocid: '' ``` ```yaml LDAP login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'ldap' - ldap_username: <'ldap_username'> - ldap_password: <'ldap_password'> + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'ldap' + ldap_username: <'ldap_username'> + ldap_password: <'ldap_password'> ``` ```yaml JWT login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'jwt' - jwt: '' - akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'jwt' + jwt: '' + akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' ``` ```yaml OIDC login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'oidc' - use_remote_browser: 'true / false' - jwt: '' - akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'oidc' + use_remote_browser: 'true / false' + jwt: '' + akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' ``` ```yaml SAML login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'saml' - use_remote_browser: 'true | false' - akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'saml' + use_remote_browser: 'true | false' + akeyless_gateway_url: 'https://Your-Akeyless-Gateway-URL:8000' ``` ```yaml Certificate login: @@ -163,11 +168,11 @@ login: ``` ```yaml Universal Identity login: - akeyless_api_url: 'https://api.akeyless.io' - access_id: '' - access_type: 'universal_identity' - use_remote_browser: 'true | false' - uid_token: '' + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'universal_identity' + use_remote_browser: 'true | false' + uid_token: '' ``` Where: @@ -178,7 +183,7 @@ Where: * `access_type`: The type of the Auth Method being used. -* `cloud_id`: The `cloud_id` can be retrieved by running `akeyless get-cloud-identity`. +* `cloud_id`: Cloud Identity to authenticate using `aws_iam`, `gcp` or `azure_ad` methods. If running the Ansible module in a cloud environment, don't specify the argument and make sure that the `akeyless-cloud-id` library is installed in the Ansible environment. If using `aws_iam` and the Ansible module is run in a regional STS different than `us-east-1`, e.g. AWS GovCloud, FIPS, you will need to supply the `cloud_id`. When auto-derive is not possible, supply `cloud_id` explicitly (e.g. from `akeyless get-cloud-identity`). * `cert_data`: Client certificate content encoded in `base64` (required when `access_type` is `cert`). From a721d2221e1a7cfcfd513143a3b2e489c4ad45ec Mon Sep 17 00:00:00 2001 From: kgal-akl Date: Thu, 21 May 2026 14:58:44 -0400 Subject: [PATCH 2/6] Update docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .../plugins-overview/ansible-awx-plugin/ansible-plugin.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md index 741f287c5..ecc07fa0d 100644 --- a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md +++ b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md @@ -183,7 +183,7 @@ Where: * `access_type`: The type of the Auth Method being used. -* `cloud_id`: Cloud Identity to authenticate using `aws_iam`, `gcp` or `azure_ad` methods. If running the Ansible module in a cloud environment, don't specify the argument and make sure that the `akeyless-cloud-id` library is installed in the Ansible environment. If using `aws_iam` and the Ansible module is run in a regional STS different than `us-east-1`, e.g. AWS GovCloud, FIPS, you will need to supply the `cloud_id`. When auto-derive is not possible, supply `cloud_id` explicitly (e.g. from `akeyless get-cloud-identity`). +* `cloud_id`: Cloud Identity to authenticate using `aws_iam`, `gcp`, or `azure_ad` methods. When running the Ansible module in a cloud environment, do not specify this parameter; ensure that the `akeyless-cloud-id` library is installed in the Ansible environment to enable automatic derivation. However, you must explicitly supply `cloud_id` in the following cases: (1) when using `aws_iam` in a regional STS (Security Token Service) different from `us-east-1`, such as AWS GovCloud or FIPS endpoints, or (2) when automatic derivation is not possible (you can obtain the value using `akeyless get-cloud-identity`). * `cert_data`: Client certificate content encoded in `base64` (required when `access_type` is `cert`). From cd59336762c6c372113c29f435e6bc9de3afb957 Mon Sep 17 00:00:00 2001 From: Harrison Sherwin - Akeyless Date: Fri, 22 May 2026 09:13:49 -0600 Subject: [PATCH 3/6] docs(ansible): refine cloud_id guidance and use shell fences --- .../plugins-overview/ansible-awx-plugin/ansible-plugin.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md index ecc07fa0d..eaeb43a67 100644 --- a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md +++ b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md @@ -22,13 +22,13 @@ Before using the Akeyless Ansible plugin, ensure the following prerequisites are * Ansible installed. * The Akeyless Python package installed: - ```bash + ```shell pip install akeyless ``` If you use `aws_iam`, `gcp`, or `azure_ad` authentication, also install `akeyless-cloud-id` with the matching cloud extra: - ```bash + ```shell pip install "akeyless-cloud-id[aws]" # AWS IAM pip install "akeyless-cloud-id[gcp]" # GCP pip install "akeyless-cloud-id[azure]" # Azure AD @@ -183,7 +183,7 @@ Where: * `access_type`: The type of the Auth Method being used. -* `cloud_id`: Cloud Identity to authenticate using `aws_iam`, `gcp`, or `azure_ad` methods. When running the Ansible module in a cloud environment, do not specify this parameter; ensure that the `akeyless-cloud-id` library is installed in the Ansible environment to enable automatic derivation. However, you must explicitly supply `cloud_id` in the following cases: (1) when using `aws_iam` in a regional STS (Security Token Service) different from `us-east-1`, such as AWS GovCloud or FIPS endpoints, or (2) when automatic derivation is not possible (you can obtain the value using `akeyless get-cloud-identity`). +* `cloud_id`: Cloud Identity for authentication with `aws_iam`, `gcp`, or `azure_ad` methods. When the Ansible module runs in a cloud environment, do not set this parameter and ensure that `akeyless-cloud-id` is installed in the Ansible environment so the value can be derived automatically. Set `cloud_id` explicitly when using `aws_iam` with a regional Security Token Service (STS) endpoint other than `us-east-1` (for example, AWS GovCloud or Federal Information Processing Standards (FIPS) endpoints), or when automatic derivation is not available. To retrieve the value manually, run `akeyless get-cloud-identity`. * `cert_data`: Client certificate content encoded in `base64` (required when `access_type` is `cert`). From 7c9869e850c124dd3a01126a01fd735cd9d252a9 Mon Sep 17 00:00:00 2001 From: Harrison Sherwin - Akeyless Date: Fri, 22 May 2026 09:19:43 -0600 Subject: [PATCH 4/6] docs(ansible): fold aws_iam cloud_id login guidance into PR 262 --- .../ansible-awx-plugin/ansible-plugin.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md index eaeb43a67..de0162a88 100644 --- a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md +++ b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md @@ -175,6 +175,31 @@ login: uid_token: '' ``` +### AWS IAM cloud identity for login + +In some environments, `akeyless.secrets_management.login` with `access_type: 'aws_iam'` requires an explicit `cloud_id` value. + +Generate the value with the Akeyless CLI, then pass it to the `login` task: + +```yaml +- name: Generate cloud identity for AWS IAM + ansible.builtin.command: akeyless get-cloud-identity --cloud-provider aws_iam + register: aws_identity + changed_when: false + +- name: Login via AWS IAM + login: + akeyless_api_url: 'https://api.akeyless.io' + access_id: '' + access_type: 'aws_iam' + cloud_id: '{{ aws_identity.stdout | trim }}' + register: auth_res +``` + +> ℹ️ **Note:** +> +> `cloud_id` is the full output from `akeyless get-cloud-identity --cloud-provider aws_iam`. + Where: * `akeyless_api_url`: Gateway URL API V2 endpoint that is `https://Your_GW_URL:8000/api/v2`. From ef406606f1a78270ecd39a5fc753256e3fb07a91 Mon Sep 17 00:00:00 2001 From: Harrison Sherwin - Akeyless Date: Fri, 22 May 2026 09:23:38 -0600 Subject: [PATCH 5/6] docs(ansible): align page wording with style guide --- .../ansible-awx-plugin/ansible-plugin.md | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md index de0162a88..33d9290df 100644 --- a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md +++ b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md @@ -12,7 +12,7 @@ next: --- The Akeyless official [plugin for Ansible](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/) provides modules and plugins to securely manage secrets, credentials, and sensitive data within playbooks. It helps maintain efficient and secure automation workflows, allowing teams to simplify secret management while protecting critical information. -You can manage secrets and certificates with either [Modules](https://docs.ansible.com/ansible/latest/plugins/module.html) or [Lookup](https://docs.ansible.com/ansible/latest/plugins/lookup.html) plugins. In this guide, we will use Modules for simplicity. More information about the Lookup plugin can be found [here](https://docs.ansible.com/ansible/latest/plugins/lookup.html) +You can manage secrets and certificates with either [modules](https://docs.ansible.com/ansible/latest/plugins/module.html) or [lookup](https://docs.ansible.com/ansible/latest/plugins/lookup.html) plugins. This guide uses modules for simplicity. For more information, see [Ansible Lookup plugins](https://docs.ansible.com/ansible/latest/plugins/lookup.html). ## Prerequisites @@ -41,7 +41,7 @@ Before using the Akeyless Ansible plugin, ensure the following prerequisites are To install the Akeyless Ansible plugin, use one of the following methods: -The Akeyless `secrets_management` collection is available on Ansible Galaxy under the Namespace `akeyless`. You can install it using: +The Akeyless `secrets_management` collection is available on Ansible Galaxy under the namespace `akeyless`. Install it by running: ```shell ansible-galaxy collection install akeyless.secrets_management @@ -71,7 +71,7 @@ This plugin supports the following Authentication Methods: * [Certificate](https://docs.akeyless.io/docs/auth-with-certificate) * [Universal Identity](https://docs.akeyless.io/docs/auth-with-universal-identity) -To set the Authentication Method, add the following `login` section to your [Ansible Playbook](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html): +To set an Authentication Method, add the following `login` section to your [Ansible Playbook](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_intro.html): ```yaml API Key login: @@ -177,7 +177,7 @@ login: ### AWS IAM cloud identity for login -In some environments, `akeyless.secrets_management.login` with `access_type: 'aws_iam'` requires an explicit `cloud_id` value. +In some environments, `akeyless.secrets_management.login` with `access_type: 'aws_iam'` may require an explicit `cloud_id` value. Generate the value with the Akeyless CLI, then pass it to the `login` task: @@ -204,9 +204,9 @@ Where: * `akeyless_api_url`: Gateway URL API V2 endpoint that is `https://Your_GW_URL:8000/api/v2`. -* `access_id`: The `Access ID` of the Auth Method being used. +* `access_id`: Access ID for the Auth Method. -* `access_type`: The type of the Auth Method being used. +* `access_type`: Type of the Auth Method. * `cloud_id`: Cloud Identity for authentication with `aws_iam`, `gcp`, or `azure_ad` methods. When the Ansible module runs in a cloud environment, do not set this parameter and ensure that `akeyless-cloud-id` is installed in the Ansible environment so the value can be derived automatically. Set `cloud_id` explicitly when using `aws_iam` with a regional Security Token Service (STS) endpoint other than `us-east-1` (for example, AWS GovCloud or Federal Information Processing Standards (FIPS) endpoints), or when automatic derivation is not available. To retrieve the value manually, run `akeyless get-cloud-identity`. @@ -214,19 +214,19 @@ Where: * `key_data`: Private key content encoded in `base64` (required when `access_type` is `cert`). -* `akeyless_gateway_url`: Akeyless Gateway URL (port `8000`). +* `akeyless_gateway_url`: Akeyless Gateway URL on port `8000`. ## Usage This section provides examples of fetching secrets and certificates and creating a [Static Secret](https://docs.akeyless.io/docs/static-secrets). -To create an **Ansible Playbook**, create a `yaml` file containing the configuration below. +To create an **Ansible Playbook**, use a `yaml` file with the following configuration. ### Static Secret Example #### Create a Static Secret -The following will create a [Static Secret](https://docs.akeyless.io/docs/static-secrets) named `'/Ansible/MySecret'`: +The following example creates a [Static Secret](https://docs.akeyless.io/docs/static-secrets) named `'/Ansible/MySecret'`: ```yaml - name: Create Static Secret @@ -251,19 +251,19 @@ The following will create a [Static Secret](https://docs.akeyless.io/docs/static Where: -* `name`: the name of the Static Secret. +* `name`: Name of the Static Secret. -* `value`: the value of the Static Secret. +* `value`: Value of the Static Secret. -* `type`: The Secret type [`generic` or `password`]. +* `type`: Secret type (`generic` or `password`). -* `format`: The Secret format [`text` | `json` | `key-value`]. +* `format`: Secret format (`text`, `json`, or `key-value`). -Additional parameters for this module can be found in the [official Ansible Repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). +Additional parameters for this module are available in the [official Ansible repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). #### Fetch a Static Secret -The following will fetch a [Static Secret](https://docs.akeyless.io/docs/static-secrets) named `/Ansible/MySecret`: +The following example fetches a [Static Secret](https://docs.akeyless.io/docs/static-secrets) named `/Ansible/MySecret`: ```yaml static_secret.yaml - name: Get secret value @@ -295,11 +295,11 @@ Where: * `names`: The name of the secret. -Additional parameters for this module can be found in the [official Ansible Repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/) +Additional parameters for this module are available in the [official Ansible repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). ### Dynamic Secret Example -The following will fetch a [Dynamic Secret](https://docs.akeyless.io/docs/how-to-create-dynamic-secret) named `Ansible/MyDynamicSecret`: +The following example fetches a [Dynamic Secret](https://docs.akeyless.io/docs/how-to-create-dynamic-secret) named `Ansible/MyDynamicSecret`: ```yaml dynamic_secret.yaml - name: Get secret value @@ -325,11 +325,11 @@ The following will fetch a [Dynamic Secret](https://docs.akeyless.io/docs/how-to msg: "Secret Value: {{ response.data }}" ``` -Additional parameters for this module can be found in the [official Ansible Repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/) +Additional parameters for this module are available in the [official Ansible repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). ### Rotated Secret Example -The following will fetch a [Rotated Secret](https://docs.akeyless.io/docs/rotated-secrets) named `Ansible/MyRotatedSecret`: +The following example fetches a [Rotated Secret](https://docs.akeyless.io/docs/rotated-secrets) named `Ansible/MyRotatedSecret`: ```yaml rotated_secret.yaml - name: Get secret value @@ -355,11 +355,11 @@ The following will fetch a [Rotated Secret](https://docs.akeyless.io/docs/rotate msg: "Secret Value: {{ response.data }}" ``` -Additional parameters for this module can be found in the [official Ansible Repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/) +Additional parameters for this module are available in the [official Ansible repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). ### SSH Certificate Example -The following will issue and fetch an SSH Certificate: +The following example issues and fetches an SSH Certificate: ```yaml SSH Certificate - name: Get certificate value @@ -393,17 +393,17 @@ Where: * `cert_issuer_name`: The name of the **SSH Certificate Issuer**. -* `cert_username`: The username to sign in the SSH certificate. +* `cert_username`: Username to sign in the SSH certificate. -* `public_key_data`: SSH Public Key. +* `public_key_data`: SSH public key. * `ttl`: **Optional**, Updated certificate lifetime in seconds (must be less than the Certificate Issuer default TTL). -* `legacy_signing_alg_name`: **Optional**, Set this option to output legacy `ssh-rsa-cert-v01@openssh.com` signing algorithm name in the certificate. +* `legacy_signing_alg_name`: **Optional**, set this option to output the legacy `ssh-rsa-cert-v01@openssh.com` signing algorithm name in the certificate. ### PKI Certificate Example -The following will issue and fetch a PKI certificate: +The following example issues and fetches a PKI certificate: ```yaml PKI Certificate.yaml - name: Get certificate value @@ -442,4 +442,4 @@ Where: * `csr_data_base64`: Certificate Signing Request contents encoded in `base64` to generate the certificate with. -Additional parameters for this module can be found in the [official Ansible Repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). +Additional parameters for this module are available in the [official Ansible repository](https://galaxy.ansible.com/ui/repo/published/akeyless/secrets_management/). From 358a6d36a99d1f8333e0bfe025cc9bb4aafae8f3 Mon Sep 17 00:00:00 2001 From: Harrison Sherwin - Akeyless Date: Fri, 22 May 2026 09:27:07 -0600 Subject: [PATCH 6/6] docs(ansible): add prerequisites note for cloud_id example --- .../plugins-overview/ansible-awx-plugin/ansible-plugin.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md index 33d9290df..09243a153 100644 --- a/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md +++ b/docs/Integrations & Plugins/plugins-overview/ansible-awx-plugin/ansible-plugin.md @@ -179,6 +179,11 @@ login: In some environments, `akeyless.secrets_management.login` with `access_type: 'aws_iam'` may require an explicit `cloud_id` value. +Prerequisites for this example: + +* Akeyless CLI installed (required to run `akeyless get-cloud-identity`). +* `akeyless-cloud-id` installed with the matching cloud extra for `aws_iam`, `gcp`, or `azure_ad` flows. + Generate the value with the Akeyless CLI, then pass it to the `login` task: ```yaml