Stack Overflow
Stack Overflow

Questions tagged [ansible-vault]

Use this tag for questions regarding the usage of Ansible Vault for protecting data for playbooks and roles.

Ansible Vault is a feature and an executable program (ansible-vault) in Ansible family, allowing encryption of variable files, as well as tasks and handlers.

198 questions
0
votes
1 answer

How to copy a file to remote in `ansible_connection` local?

I am creating an azure vm using ansible using azure_rm_virtualmachine command. For this case the host is localhost (ansible_connection=local). I need to copy a ssh private key which is ansible-vault encrypted. How can i do this? Here's what is…
Ananthu R V
  • 428
  • 4
  • 17
0
votes
1 answer

How to pass a vault(vault-variable) to multiple roles where the roles themselves have multiple dependent-roles?

I'm running ansible 2.7.10 and have a playbook where I "include" different roles in different plays. All the roles I call have common dependent roles. I'm at a stage now where I want all the roles within that playbook to read a vault. This works if…
shackledmystic
  • 21
  • 1
  • 4
0
votes
1 answer

hashi_vault don't work through Web Application Firewall

I want to retrieve a vault secret with Ansible using the hashi_vault module which doesn't seem to work through a WAF. The hashi_vault module work when the vault server is mapped to the root url (https://address/) in the WAF but when we use a custom…
Sleepless
  • 33
  • 1
  • 7
0
votes
1 answer

Dynamically encrypting configuration variables and placing them in specific folders

I have a configuration file that contains a list of string variables that the user is required to change to suit their environment: Configuration file example: # first_file.yml value_one: value_two: # second_file.yml value_one:…
Perfect_Comment
  • 165
  • 1
  • 2
  • 15
0
votes
1 answer

Is it possible to hash the password in the vault_password_file for ansible?

I am concerned about the password vault file storing the decryption password in plain text but have been unable to find any solutions. Today i used the ansible-vault encrypt command to encrypt all my variables. I then created a password file to be…
Richard253
  • 3
  • 2
0
votes
2 answers

Debugging http post requests ansible

I have the following task in one of my ansible playbook: - name: Generate vault token uri: url: "{{vault_address}}/v1/auth/github/login" method: POST body: "{ \"token\": \"{{ token }}\" }" validate_certs:…
codec
  • 7,978
  • 26
  • 71
  • 127
0
votes
1 answer

Ansible http get request does not work but manual curl get works

I have the following task in my ansible playbook: - name: Test on localhost hosts: localhost gather_facts: false tasks: - name: Get vault vaules uri: url: "{{vault_address_personal}}/v1/{{vault_path_personal}}/pg" …
codec
  • 7,978
  • 26
  • 71
  • 127
0
votes
1 answer

Can ansible-vault be used to add new secrets to vault

Form the ansible documentation https://docs.ansible.com/ansible/latest/user_guide/vault.html It seems we can only encrypt/decrypt files using ansible-vault. Can it not add new secrets to my vault instance?
codec
  • 7,978
  • 26
  • 71
  • 127
0
votes
1 answer

Using encrypted variable with Ansible-Vault for network automation

I have searched lots of tutorials on web & Youtube, but no luck. I want to configure Cisco switch via Ansible, I already have it setup, works flawlessly.. but I want to store the passwords (for vty lines, console, enable secret...) ideally in hosts…
neechee-nka
  • 11
  • 2
0
votes
1 answer

Ansible vault : encrypt password that begins with '-'

I am trying to encrypt password "-abc" using ansible-vault. It errors out saying "no such option". Error is given below, $ansible-vault encrypt_string '-abc' Usage: ansible-vault encrypt_string [--prompt] [options] string_to_encrypt ansible-vault:…
user3362908
  • 433
  • 5
  • 16
0
votes
1 answer

Using vault in playbooks

Hello I am trying to run the following playbook using the vault, but i can't seem to get it to work. Created an ansible vault file using: ansible-valut create group_vars/routers in there i had the following entries: ansible_ssh_user:…
Mr39
  • 51
  • 1
  • 10
0
votes
1 answer

Ansible ask for password to ansible vault from other group vars

I have problem with ansible. I have couple of group_vars folders and in this folders there is files encrypted by ansible-vault with difference passwords between prod and test: ├── group_vars │   ├── app1_prod │   │   ├── application.yml <-…
Angel666
  • 5
  • 4
0
votes
1 answer

After changing paswords in vault.yml, deployment fails in trellis

I had a wordpress site setup using Trellis. Initially I had set up the server and deployed without encrypting the vault.yml. Once everything was working fine I changed the passwords in vault.yml and encrypted the file. But my deployment fails now.…
Praneetha
  • 303
  • 4
  • 17
0
votes
0 answers

Decrypt config.cnf with ansible vault when running a playbook

I am running a playbook that executes a MySQL update command with --defaults-extra-file=vault/config.cnf. This file is encrypted with ansible vault to protect MySQL credentials. The problem is that when I run ansible-playbook --vault-id…
secicf
  • 1
0
votes
1 answer

Error during include_vars when yml has embedded encrypted variables

Question is similar to Inline encrypted variable not JSON serializable I have an Ansible configuration file that contains many plain text and a single encrypted value. config_value: "something in plain text" another_value: "another plain…
Tobias
  • 4,999
  • 7
  • 34
  • 40
1 2 3
13 14