blog.shukriadams.com
Game devops and other things

How to use ansible vault : TL;DR

2021-03-08 (3 years ago)
Updated 2022-11-27 (last year)
Tags : ansible

Ansible-vault documents and guides are long-winded and tedious. Here's the short version.

You have a playbook with lots of passwords, say mypassword1 and myotherpassword, and you don't want to be prompted for them all each time you run that playbook. Create a secrets file to store them in with

ansible-vault create mysecrets.yml

You'll be prompted for a password, enter it, this is the "master" password to access this file. Add variables to it.

mypassword1: foo
myotherpassword: bar

Save and exit. The file is now encrypted.

Call your playbook pointing to your encrypted variable file

ansible-playbook  <your regular playbook args> \
    --ask-vault-pass \
    -e @./path/to/mysecrets.yml

You'll be prompted for the master password, and now all variables in it are available to your playbook. There, simple.

image credit

Previous : Moving in
Next : Reliable SMTP with Amazon Simple Email Service