Adding the vault password file option to the Ansible configuration
With version 1.7, it's also possible to add the vault_password_file
option to the ansible.cfg
file in the defaults section.
Consider the following:
[defaults] vault_password_file = ~/.vault_pass
The preceding option gives you the freedom of not specifying the encryption password or the password file every time. Let's take a look at the following commands:
# launch ansible playbook run with encrypted data # with vault_password_file option set in the config $ ansible-playbook -i customhosts site.yml $ ansible-vault encrypt roles/mysql/defaults/main.yml Encryption successful $ ansible-vault decrypt roles/mysql/defaults/main.yml Decryption successful
Moreover, when starting with version ...
Get Ansible Playbook Essentials now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.