3
The vault feature can encrypt any structured data file used by Ansible. This can include
4
- “group_vars/” or “host_vars/” inventory variables,
5
- variables loaded by “include_vars” or “vars_files”
6
- variable files passed on the ansible-playbook command line with “-e @file.yml” or “-e @file.json”.
8
Create encrypted/modify file: - the password should be the same for all files you want to use together\
9
ansible-vault encrypt <list-of-yml-files> - encrypt specified files
10
rekey <list-of-encyrpted-files> - change password
11
create enc.yml - creates empty encrypted file
12
edit enc.yml - edit data in encrypted file
15
Using encrypted files: - Link encrypted files as usual, but instruct ansible to ask for password and decrypt them
16
ansible-playbook --ask-vault-pass .... <playlist> - ask passwords and automatically decrypts encrypted files
17
ansible-playbook --vault-password-file ~/.vault_pass.txt ... - reads the password from the speicifed file
b'\\ No newline at end of file'