W3cubDocs

/Ansible

Advanced Syntax

This page describes advanced YAML syntax that enables you to have more control over the data placed in YAML files used by Ansible.

YAML tags and Python types

The documentation covered here is an extension of the documentation that can be found in the PyYAML Documentation

Unsafe or Raw Strings

As of Ansible 2.0, there is an internal data type for declaring variable values as “unsafe”. This means that the data held within the variables value should be treated as unsafe preventing unsafe character subsitition and information disclosure.

Jinja2 contains functionality for escaping, or telling Jinja2 to not template data by means of functionality such as {% raw %} ... {% endraw %}, however this uses a more comprehensive implementation to ensure that the value is never templated.

Using YAML tags, you can also mark a value as “unsafe” by using the !unsafe tag such as:

---
my_unsafe_variable: !unsafe 'this variable has {{ characters that should not be treated as a jinja2 template'

In a playbook, this may look like:

---
hosts: all
vars:
    my_unsafe_variable: !unsafe 'unsafe value'
tasks:
    ...

For complex variables such as hashes or arrays, !unsafe should be used on the individual elements such as:

---
my_unsafe_array:
    - !unsafe 'unsafe element'
    - 'safe element'

my_unsafe_hash:
    unsafe_key: !unsafe 'unsafe value'

See also

Variables
All about variables
User Mailing List
Have a question? Stop by the google group!
irc.freenode.net
#ansible IRC chat channel

© 2012–2017 Michael DeHaan
© 2017 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/playbooks_advanced_syntax.html