Basic Vault Usage
Ansible vault's most basic implementation is a simple AES Symmetric Key encryption solution (as we discussed earlier). The implementation of this is managed through the command-line interface, specifically the ansible-vault command. Using this command, we have the ability to encrypt, decrypt, rekey, and edit vault specific files. The syntax of each of these commands along with a description and example is provided next.
Encrypting an Ansible vault YAML file
This command syntax allows us to encrypt the contents of a YAML file. Upon executing, it will prompt the user for the key they wish to use in order to encrypt it.
The content of the my_vault.yml file is shown here:
integer: 25 string: "Hello Ansible Users" float: 25.0 boolean: Yes
Then, in order to encrypt the file, execute the following command:
#> ansible-vault encrypt my_vault.ymlThe output of the command execution is shown next:
New Vault password: Confirm New Vault password: #>
Once the file is encrypted, we can...
