Created
May 22, 2018 13:22
-
-
Save jeffbrl/9f793d1fb49a6e5dee84d8e38be8ef30 to your computer and use it in GitHub Desktop.
ansible-vault usage example using encrypted variables file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jeffl@ubuntu:~/vault_testing$ cat vars/secrets.yml | |
| --- | |
| username: jeffl | |
| password: secretpassword | |
| jeffl@ubuntu:~/vault_testing$ | |
| jeffl@ubuntu:~/vault_testing$ echo "my_vault_pass" > vault_pass | |
| jeffl@ubuntu:~/vault_testing$ chmod go-r vault_pass | |
| jeffl@ubuntu:~/vault_testing$ ansible-vault encrypt --vault-id vault_pass vars/secrets.yml | |
| Encryption successful | |
| jeffl@ubuntu:~/vault_testing$ cat !$ | |
| cat vars/secrets.yml | |
| $ANSIBLE_VAULT;1.1;AES256 | |
| 32353463666361373361626431343536313862356430663738306261396337653239326533353439 | |
| 3336303361643236326562303663663733326537363864320a336332373231303032666261343066 | |
| 61643565303665616637343437336233366136663265373138616238633333626632343062373738 | |
| 6631323336373361660a306232653136383539386135663732366632353732313061323637653565 | |
| 31346565363030323461343937623736623532613232383933373531366362636165306432633632 | |
| 6434643235623530353333666164383136376239326431643636 | |
| jeffl@ubuntu:~/vault_testing$ cat vault_test.yml | |
| --- | |
| - name: Test ansible vault functionality | |
| hosts: 127.0.0.1 | |
| vars_files: | |
| - vars/secrets.yml | |
| tasks: | |
| - name: Print username variable to the screen | |
| debug: | |
| var: username | |
| jeffl@ubuntu:~/vault_testing$ ansible-playbook --vault-id vault_pass vault_test.yml | |
| [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not | |
| match 'all' | |
| PLAY [Test ansible vault functionality] ***************************************************************************** | |
| TASK [Gathering Facts] ********************************************************************************************** | |
| ok: [127.0.0.1] | |
| TASK [Print username variable to the screen] ************************************************************************ | |
| ok: [127.0.0.1] => { | |
| "username": "jeffl" | |
| } | |
| PLAY RECAP ********************************************************************************************************** | |
| 127.0.0.1 : ok=2 changed=0 unreachable=0 failed=0 | |
| jeffl@ubuntu:~/vault_testing$ | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment