Skip to content

Adrian Giacometti

  • Home
  • Useful links
  • About Me

Quick start to Ansible Vault

5th April 2020 by Adrian Giacometti

Start using Ansible Vault is pretty easy.

As usual, there is no magic here, you keep the key in mind or a file somewhere.

If you keep it in mind doesn’t sound very practical because you are trying to automate tasks without human intervention and either way you don’t want to type that long key each time.

(You can use this method for any kind of file, Ansible or not, for a picture is you like.)

Now, if you DO want to introduce the pass-key each time, then skip this section.

Create the file with the key

Just create a file with the pass inside with vi or echo, like this

  echo "my_password" >> .vault_pass 

Even the name of the file can be whatever you want like “cakes”, “.boring”, etc.

Keep the file hidden in the hard disk using the normal file privileges from Linux. Sounds pretty traditional right. I think is good enough, a weird file somewhere in the disk that only you and root know about.

Next, use it as an environment variable in your user_id profile $HOME/.profile or system-wide /etc/environment, and add it with:

 export ANSIBLE_VAULT_PASSWORD_FILE="$HOME/.vault_pass"

In this way, Ansible will automatically use it to encrypt and decrypt.

Create, encrypt, view, and edit files

The next steps are very easy:

1.- create an encrypted file

 ansible-vault create your_file 

2.- encrypt an existing file

 ansible-vault encrypt your_file 

3.- view an encrypted file

 ansible-vault view your_file 

4.- edit an encrypted file

  ansible-vault edit your_file 

That’s all.

Refer to Ansible Documentation at https://docs.ansible.com/ansible/latest/user_guide/vault.html

Share on Social Media
linkedin twitter email

Post navigation

Previous Post:

Simple, complete, free, and automated network configuration backup setup

Next Post:

Free and Easy Analytics with Elastic Stack

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Translate to your language

Site search

Tags

ansible automation aws bcp bgp books chatbot chatops cisco cisco aci cloud automation datacenter desing devops drp enterprise f5 fastapi free gitlab ci gitops high availability internet iproute2 isp learning linux monitoring nat netdevops netmiko netops network network automation network backup opensource oracle oci python saltstack slack slackops terraform vpn vrf webinar

Blog Stats

  • 13,367 hits

RSS ipSpace.net Blog Posts

  • Video: Packet Buffers in Data Center ASICs
  • Will ChatGPT Replace Stack Overflow?
  • New: CI/CD in Networking Resource Page
  • External Links on Spine Switches
  • Test VRF-Aware DHCP Relaying with netlab

RSS Unknown Feed

Archives

  • 2021 (10)
    • November (1)
    • August (2)
    • July (1)
    • May (2)
    • April (3)
    • February (1)
  • 2020 (15)
    • December (2)
    • October (1)
    • September (1)
    • June (1)
    • April (5)
    • March (1)
    • February (2)
    • January (2)
  • 2019 (3)
    • December (3)

Follow & Contact info

  • LinkedIn
  • GitHub
  • Twitter
  • YouTube
  • Email
  • RSS Feed

Subscribe to stay updated

Loading
© 2023 Adrian Giacometti