Stack Overflow
Stack Overflow

Questions tagged [ansible-vault]

Use this tag for questions regarding the usage of Ansible Vault for protecting data for playbooks and roles.

Ansible Vault is a feature and an executable program (ansible-vault) in Ansible family, allowing encryption of variable files, as well as tasks and handlers.

198 questions
0
votes
1 answer

Storing Ansible Vault password in AWS secret manager and using it when required

I want to store the ansible vault password in aws secret manager and then use the CLI to decrypt the contents in the vault by referencing to the password stored in aws secret manager when required....How can I do that? I have stored the password as…
ITSA
  • 1
  • 1
0
votes
1 answer

How to decrypt single encrypted variables in a Jinja2 template file in Ansible

Having a file in the inventory named myFile.properties.j2 that is used in a task in one of the roles that a playbook uses Content of the file : my.super.pwd=nope my.otherSuper.pwd= !vault | $ANSIBLE_VAULT;1.1;AES256 …
Faycal Said
  • 13
  • 2
0
votes
1 answer

How to post encrypted file using ansible vault?

Is there a way to use the ansible.builtin.uri module to post / put an encrypted file while seamlessly decrypting it from the vault? Or is there a safe workaround (i.e. a secure sequence of tasks?). The use case is to upload a licence file which is…
Fabio
  • 491
  • 3
  • 10
0
votes
0 answers

ansible-pull ERROR! Attempting to decrypt but no vault secrets found

I am attempting to configure an ansible-pull but everytime I run the ansible-pull command specifying either "--vault-id name@vault_pwd" or "--vault-password-file vault_pwd" it seems to get ignored. I have an encrypted file in my…
Cian
  • 33
  • 1
  • 6
0
votes
0 answers

Ansible-vault with python cryptography problem

I still have my problem to use ansible-vault command with a non root user and got an error message. Works great with root user. I have done a ton of tests with different installations method (rpm file, pip install module) and a lot of access rights…
user20340761
  • 11
  • 2
0
votes
1 answer

Store encrypted Ansible Vault string as a single line

this might be an Ansible related question or YAML one. In my Ansible variables I have some encrypted strings: --- env_passphrase: !vault | $ANSIBLE_VAULT;1.2;AES256;staging …
Naramsim
  • 8,059
  • 6
  • 35
  • 43
0
votes
0 answers

Can I create list of vaulted passwords in Ansible?

I would like to define several vaulted passwords and store them in a variable, then use it to create several users with password. variable.yml password: - !vault | $ANSIBLE_VAULT;1.1;AES256 636 - !vault | …
Polly
  • 1
  • 1
0
votes
0 answers

Ansible Playbook how to unlock ansible vault using python script then run command

I ran my secrets through a playbook and locked it in ansible-vault. Following this I set up a python script that could unlock the vault. vault.yml ####################################################### - hosts: localhost tasks: - name: Pull…
IAmTazlan
  • 43
  • 10
0
votes
0 answers

Ansible attempting to connect to two different machines (failed)

I have the following code which runs on localhost (linux OS), but needs to delegate some actions to a windows server. When I run the playbook, I give in input the vault folder which contains the credentials to connect to the windows server. The…
user12304an
  • 9
  • 3
0
votes
0 answers

Using Ansible Vault to encrypt file with multiple passwords

I have an Ansible playbook which deploys various applications to a server. It contains cert files. These files have been encrypted with Ansible Vault. As I have multiple environments, dev, uat and prd. Each environment uses a different password. I…
runnerpaul
  • 5,942
  • 8
  • 49
  • 118
0
votes
1 answer

Is there a way to automate ansible vault within the playbook

After automating pulling the secrets from AWS, I wanted to use Ansible Vault to lock it up, and so I first tested this manually. Is there a way to do this through ansible playbooks. We need to automate it so we don't have to constantly lock and…
IAmTazlan
  • 43
  • 10
0
votes
0 answers

Comment out Ansible Vault encrypted variable

Hi StackOverflow community, I am writing an ansible playbook which automatically stores encrypted secrets with ansible vault that the play will generate. You know the kind of thing I am talking about, looks like: --- my_secret_thing: !vault | …
anfieldroad
  • 1
  • 1
0
votes
0 answers

how to decrypt ansible vault httppassword that is set for django site

I am very new to Ansible vaults, I am a developer trying to access django site but there is a basic auth window pops up asking me to enter username and password before I can access the site, I asked the company that developed it and they suggested…
Vin Bolisetti
  • 45
  • 6
0
votes
1 answer

Ansible Tower: Run tower-cli asking for vault pass

I'm working with Ansible Tower and using Vault credential. When I launch it using the graphical interface of Ansible Tower (I add the credential when it's prompted), it work well. When I try with the tower-cli line, I get this message: {"failed":…
Gabriel
  • 15
  • 6
0
votes
1 answer

Ansible, get variable from vault before gathering facts

I used to store ansible_ssh_pass in host_vars, enctypted with ansible-vault, but now i want to move it to hashicorp-vault. I wrote a simple role to get this variable from hashicorp-vault and set it as ansible_ssh_pass, so i can connect to host via…
Hella
  • 5
  • 3
1 2 3
13 14