-
Notifications
You must be signed in to change notification settings - Fork 0
Ansible Vault
Storing passwords in an "ansble vault". Create a vault which contains passwords for things such as databases etc such that the will not be disclosed. Ansible can only utilize one "vault" at a time.
In the gobal_vars section of playbook there is an "all" directory. This will correspond to all playbooks. Within that directory perform "ansible-vault create " where name is "vault in this case. Therefore "ansible-vault create vault" which will open up an editor. The editor is expecting a "yml" file.
Upon running the command to create the vault, a password will be required.
Example:
db_passord: password
Upon leaving the editor, the contents will be placed in the vault.
Create a file in the home directory called ~/.vaultrc which contains the password.