Use Ansible Vault in Ansbile Playbook - ansible vault — Video Tutorial

Learn how to use Ansible Vault to secure sensitive data such as passwords and access keys in your playbooks with practical examples and a live Playbook.

Watch on YouTube · Read the written article

Use Ansible Vault in Ansbile Playbook - ansible vault — Video Tutorial

Learn how to use Ansible Vault to secure sensitive data such as passwords and access keys in your playbooks with practical examples and a live Playbook.

Watch Video

Watch "Use Ansible Vault in Ansbile Playbook - ansible vault" on YouTube

What You'll Learn

How to use an Ansible Vault in an Ansible Playbook?
Ansible Vault
Links
Playbook
code without Vault
execution without Vault
code with Vault
execution with Vault
execution with Vault (password forget)
Conclusion

Full Tutorial Content

How to use an Ansible Vault in an Ansible Playbook? How to use an Ansible Vault to Protect Sensitive Data such as passwords, access keys, etc. I will show you a live Playbook with some simple Ansible code. I'm Luca Berton, and welcome to today's episode of Ansible Pilot. Ansible Vault - Included in Ansible installation - `ansible-vault` command line Ansible Vault is included in every Ansible installation for the most modern operating system. It includes all the software encryption and a handy command line utility (`ansible-vault`) to encrypt, modify, change passwords or decrypt files. The encryption of the Ansible Vault files is strong and relies on the AES256 cipher. Links - https://docs.ansible.com/ansible/latest/user_guide/vault.html Playbook Use Ansible Vault in Ansible Playbook I will show you how to use Ansible Vault in Ansible Playbook to store passwords. This example uses a simple playbook that displays on screen a variable and one Ansible vault to store the variable encrypted on disk. In the real world, you can use the variable with any Ansible module without printing on the screen. code without Vault - playbook_without_vault.yml ```yaml --- - name: Playbook without Vault hosts: all vars: mypassword: mysupersecretpassword tasks: - name: print variable ansible.builtin.debug: var: mypassword ``` execution without Vault ```bash $ ansible-playbook -i inventory playbook_without_vault.yml PLAY [Playbook without Vault] *********************************************************** TASK [Gathering Facts] ****************************************************************** [WARNING]: Platform darwin on host demo.example.com is using the discovered Python interpreter at /opt/homebrew/bin/python3.10, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible- core/2.13/reference_appendices/interpreter_discovery.html for more information. ok: [ demo.example.com] TASK [print variable] ******************************************************************* ok: [ demo.example.com] => { "mypassword": "mysupersecretpassword" } PLAY RECAP ****************************************************************************** demo.example.com : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 ``` code with Vault - playbook_with_vault.yml ```bash --- - name: Playbook with Vault hosts: all tasks: - name: include vault ansible.builtin.include_vars: file: mypassword.yml - name: print variable ansible.builtin.debug: var: mypassword ``` - mypassword.yml ```bash $ANSIBLE_VAULT;1.1;AES256 35623739386664386238326639623130343635396432393037383666306431623833666266623730 3431326532383363303333336636366338313730613733360a616466373932623131626632613737 66326237653963613031326464353066346161666265623939643235396563646236613566643230 3630393737373765370a613331363034

About This Tutorial

Author: Luca Berton
Difficulty: Beginner
Read time: 3 min
Category: installation

Read the full written article: Use Ansible Vault in Ansbile Playbook - ansible vault

Topics Covered

Related Video Tutorials

Ansible Vault: Encrypt, Decrypt & Manage Secrets (Complete Guide) — Complete guide to Ansible Vault. Encrypt files and strings, decrypt secrets, use vault passwords, and manage encrypted variables securely.
Ansible terminology - What is an Ansible Playbook? — A step-by-step guide inside the Ansible Playbook anatomy: play, tasks, modules, conditional, loop, handler, variable, list.
Mastering Ansible-Creator: Simplify Your Ansible Collection Development — Discover how to install and use Ansible-Creator to simplify Ansible Collection development. Enhance your automation projects with this powerful tool and Visual.
Ansible Vault Error: Fix 'Attempting to Decrypt but No Vault Secrets Found' — How to fix Ansible 'attempting to decrypt but no vault secrets found' error. Configure vault password file, --ask-vault-pass, vault-id.
Ansible troubleshooting - VMware Unknown error while connecting to vCenter or ESXi — Let’s troubleshoot together the Ansible fatal error “Unknown error while connecting to vCenter or ESXi API, [Errno -2] Name or service not known” to find.
Deploy Kubernetes Resources with Ansible Playbook — Learn how to deploy Kubernetes resources using Ansible. Follow this guide to create namespaces, pods, and services with an Ansible playbook.