Working With Ansible Vault
Ansible Vault is a way to keep sensitive information in encrypted files. rather than plain text, in your playbooks
- Navigate to /home/ec2-user/ansible/vars and create ansible secret store file by running:
ansible-vault create vars/secret-variable.yml
Enter the password twice
- Now lets enter some secrets inside this file, as follows:
secret_password: "supersecretpassword123"
- Now try to vim in secret-variable.yml
- For editing secret-variable.yml, run following command:
ansible-vault edit vars/secret-variable.yml
- Now lets use this in our setup-app playbook, please refer this link
- Run playbook with following command:
ansible-playbook playbooks/setup-app.yml --ask-vault-pass