Ansible Vault

Ansible is a great orchestration tool. The low barrier to entry and simplicity of Ansible are why so many people that start using it love it. But there is one feature in Ansible that probably should be used more often. That feature is Ansible Vault. Sign up for DevOps'ish! DevOps’ish is a weekly newsletter covering DevOps, Cloud Native, Open Source, and the ‘ish in between. “Vault” is a feature of ansible that allows keeping sensitive data such as passwords or keys in encrypted files, rather than as plaintext in your playbooks or roles. [Read More]

Here’s a handy one-liner to grep multiple Ansible Vault files (like group_vars). All you need is an Ansible Vault password file (outside of your configuration repo, please) and a little bash. {{ highlight bash }} ls -1 | while read N ; do echo -n $N: ; ansible-vault –vault-password-file ~/.ansible_vault view $N | grep ; done {{ / highlight }} Sign up for DevOps'ish! DevOps’ish is a weekly newsletter covering DevOps, Cloud Native, Open Source, and the ‘ish in between. [Read More]