Search
Navigation
Top 60 Oracle Blogs
variable
All about ansible vault
This blogpost is about using ansible vault. Vault is a way to encrypt sensitive information in ansible scripts by encrypting it. The motivation for this blogpost is the lack of a description that makes sense to me of what the possibilities are for using vault, and how to use the vault options in playbooks.
The basic way ansible vault works, is that when ansible-playbook reads a yaml file, it encounters $ANSIBLE_VAULT;1.1;AES256 indicating ansible vault is used to encrypt the directly following lines, it will use a password to decrypt it, and then uses the decrypted version in memory only. This way secrets can be hidden from being visible. Obviously, the password will allow decrypting it, and the password must be used in order for ansible-playbook to decrypt it.
The original use of vault is to encrypt an entire yaml file. As of Ansible version 2.3, ansible allows the encryption of single values in a yaml file.
.png){kind=small}
TweetsPopular content
Today's:
Monthly archive
- July 2018 (26)
- June 2018 (57)
- May 2018 (62)
- April 2018 (40)
- March 2018 (61)
- February 2018 (67)
- January 2018 (53)
- December 2017 (37)
- November 2017 (43)
- October 2017 (57)
- September 2017 (46)
- August 2017 (61)
- July 2017 (52)
- June 2017 (42)
- May 2017 (53)
- April 2017 (53)
- March 2017 (68)
- February 2017 (40)
- January 2017 (64)
- December 2016 (56)
- November 2016 (76)
- October 2016 (71)
- September 2016 (55)
- August 2016 (71)
- July 2016 (41)
- June 2016 (58)
- May 2016 (68)
- April 2016 (74)
- March 2016 (91)
- February 2016 (82)
Recent comments
24 weeks 3 days ago
36 weeks 4 days ago
40 weeks 6 days ago
41 weeks 5 days ago
46 weeks 2 days ago
1 year 15 weeks ago
1 year 35 weeks ago
2 years 13 weeks ago
2 years 49 weeks ago
2 years 50 weeks ago