diff --git a/.gitmodules b/.gitmodules
index 59564548..a5cf29f9 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,6 @@
 [submodule "roles/re2o-mail-server/templates/re2o-services/mail-server/mail-aliases"]
 	path = roles/re2o-mail-server/templates/re2o-services/mail-server/mail-aliases
 	url = https://gitlab.crans.org/nounous/mail-aliases
+[submodule "re2o-re2oapi"]
+	path = lookup_plugins/re2oapi
+	url = git@gitlab.crans.org:nounous/re2o-re2oapi.git
diff --git a/lookup_plugins/re2oapi b/lookup_plugins/re2oapi
new file mode 160000
index 00000000..6565b92f
--- /dev/null
+++ b/lookup_plugins/re2oapi
@@ -0,0 +1 @@
+Subproject commit 6565b92f3bfc13d02b95888ae021f5bd6f7ef317
diff --git a/lookup_plugins/re2oapi.py b/lookup_plugins/re2oapi.py
new file mode 100644
index 00000000..6dcbe2b9
--- /dev/null
+++ b/lookup_plugins/re2oapi.py
@@ -0,0 +1,67 @@
+"""
+A Proof Of Concept of lookup plugin to query the re2o API.
+
+For a detailed example look at https://github.com/ansible/ansible/blob/3dbf89e8aeb80eb2d1484b1cb63458e4bb12795a/lib/ansible/plugins/lookup/aws_ssm.py
+
+
+For now:
+
+ - Need to clone nounous/re2o-re2oapi.git and checkout to crans branch.
+ - This Re2oAPIClient needs python3-iso8601
+
+TODO: Implement a small client for our needs, this will also remove the sys.path extension ...
+"""
+
+
+
+from ansible.plugins.lookup import LookupBase
+from ansible.errors import AnsibleError
+
+import sys
+sys.path.append('./lookup_plugins/')
+
+from re2oapi import Re2oAPIClient
+
+
+
+class LookupModule(LookupBase):
+    """
+    If terms = dnszones then this module queries the re2o api and returns the list of all dns zones
+    """
+
+
+    def run(self, terms, variables=None, api_hostname=None, api_username=None,
+            api_password=None, use_tls=True):
+
+        """
+           :arg terms: a list of lookups to run
+               e.g. ['dnszones']
+           :kwarg variables: ansible variables active at the time of the lookup
+           :kwarg api_hostname: The hostname of re2o instance.
+           :kwarg api_username: The username to connect to the API.
+           :kwarg api_password: The password to use to connect to the API.
+           :kwarg use_tls: A boolean to specify whether to use tls or not. You should !
+           :returns: A list of results to the specific queries.
+        """
+
+        if api_hostname is None:
+            raise AnsibleError('You must specify a hostname to contact re2oAPI')
+
+        if api_username is None:
+            raise AnsibleError('You must specify a valid username to connect to re2oAPI')
+
+        if api_password is None:
+            raise AnsibleError('You must specify a valid password to connect to re2oAPI')
+
+        api_client = Re2oAPIClient(api_hostname, api_username, api_password, use_tls=True)
+
+        res = []
+        for term in terms:
+            if term == 'dnszones':
+                res.append(self._getzones(api_client))
+        return res
+
+    def _getzones(self, api_client):
+        zones = api_client.list('dns/zones')
+        zones_name = [zone["name"][1:] for zone in zones]
+        return zones_name