Stack Overflow
Stack Overflow

Questions tagged [ansible-vault]

Use this tag for questions regarding the usage of Ansible Vault for protecting data for playbooks and roles.

Ansible Vault is a feature and an executable program (ansible-vault) in Ansible family, allowing encryption of variable files, as well as tasks and handlers.

198 questions
0
votes
0 answers

How to pass ansible vault password from playbook into a script via script tag

How to pass ansible vault password from playbook into a script via script tag. I have a use case where I need to decrypt a file inside my python script which will be invoked via "script" tag. My playbook will be invoked with vault-password-file
Sagar Thirumala
  • 9
  • 1
0
votes
1 answer

How to evaluate a yaml key using jinja and then evaluate its value using jinja in .j2 file using ansible?

I have a kubernetes secrets manifest in the form of secret.j2 file which has a password key. This password key is supposed assigned a value from an ansible-vault encrypted string present in a dev.yml file. This dev.yml looks like…
Suyash Gupta
  • 119
  • 1
  • 8
0
votes
0 answers

Adapt Ansible-Vault via PHP

I wrote a dynamic inventory with PHP and a DB. Now I want include some credentials in it. Typically I use ansible-vault and generate the string, put them into the database and only forward the content to the inventory. But sometimes I've credentials…
TRW
  • 876
  • 7
  • 23
0
votes
0 answers

How can I encrypt values in Ansible WITHOUT using Ansible vault?

I'm writing an Ansible playbook and role that will be used in various envs, both WAN and LAN. In my role I have a default credentials yaml file which contains passwords using Ansible Vault in-line encryption: default_username_for_something:…
Amit Chameides
  • 1
0
votes
1 answer

How to inject vault variables into Ansible template

It's possible this can be explained via Ansible docs however looking for the solution to this has yielded different results, all of which have failed for me. I am trying to setup an Ansible role to handle installation of Airflow on a remote AWS…
Phreakradio
  • 176
  • 1
  • 18
0
votes
0 answers

creating a vault on Ansible tower without using CLI

My environment does not allow remote ssh connections to ansible server. Is there a way to create a vault and encrypt through ansible tower without using CLI? Ansible: 2.9.7 Tower: 3.6.2 P.S: I'm able to configure an existing vault in the tower. But…
Siva
  • 113
  • 2
  • 7
0
votes
0 answers

Encrypt using ansible-vault with packer

I have jenkins pipeline which does: jenkins --> packer --> ansible configs--> create AWS AMI . In ansible var files, i have artifactory api key. When i create jenkins pipeline how i can encrypt this?
infotechsups
  • 37
  • 1
  • 5
0
votes
2 answers

store hosts IP addresses in variable file instead of inventory

I tried to look this up online but can't find a clear answer. Is it possible to store inventory hosts' IP addresses in the playbook or in var files like group_vars or host_vars or even myvault.yml? something like: [webserver] …
NIGHTSCROLLER
  • 89
  • 1
  • 5
0
votes
0 answers

ansible cannot access a variable from ansible vault

I am trying to setup Jenkins job calling ansible-playbook. There is an issue with withCredentials([file(credentialsId: 'my_vault', variable: 'VAULT_TOKEN')]){ ansiblePlaybook( // ... playbook: 'clusterControl.yml', …
Stepan
  • 1,391
  • 18
  • 40
0
votes
1 answer

Ansible vault in playbook having error variable 'tomcat_password' is undefined

I am newbie to ansible. I am trying to perform some deployment task in 142.23.9.23 via help of ansible using jenkins. I am hitting below error FAILED! => {"msg": "The field 'become_pass' has an invalid value, which includes an undefined variable.…
soft developer
  • 25
  • 6
0
votes
1 answer

Why is the ansible vault password added to module args?

When I run an ansible playbook ansible-playbook --ask-vault-pass -i vdc-inventory complete_provision.yaml -vvv the password I set is sent to all module_args: changed: [localhost] => { "changed": true, "invocation": { "module_args":…
tread
  • 10,133
  • 17
  • 95
  • 170
0
votes
1 answer

Ansibl-vault: password from terminal

How can I pass the password of ansible-vault stored in an environment variable to the command ansible-playbook play.yml -i hosts --ask-vault-pass I can't pass a file or have an interactive shell to enter the password since the commands are run from…
RPT
  • 728
  • 1
  • 10
  • 29
0
votes
1 answer

Is there proper support available in.net core 3.0 for SQL Always Encrypted with Azure Key Vault?

I am trying to implement/understand SQL Always Encrypted in .net core 3.0 and Azure KV. I was able to successfully implement a working solution using MSFT's own provided documentation,…
m-jeri
  • 1
0
votes
1 answer

What does this ansible-vault format mean?

I am reverse-engineering and refactoring ansible code from a developer who has since left the company. In our ansible-vault file, I would love to know what the following items mean and how they add function/value to the yaml--I can't find any…
RobWieters
  • 43
  • 4
0
votes
1 answer

ansible-vault error - "Vault format unhexlify error: Odd-length string"

I am using ansible-napalm and trying to write a simple playbook to pull facts from network devices. I want to encrypt the passwords with ansible-vault, however regardless of what I try I keep getting the error: Vault format unhexlify error:…
fraserc182
  • 237
  • 1
  • 4
  • 13
1 2 3
13 14