Using the Ansible-vault
The following table lists all the subcommands that the Ansible-vault utility comes with:
|
Subcommand |
Description |
|---|---|
|
|
This creates a encrypted file from scratch using the editor. This needs the editor environment variable set before launching the command. |
|
|
This edits the existing encrypted file with an editor, without decrypting the contents. |
|
|
This encrypts an existing file with structured data. |
|
|
This decrypts the file. Use this with care and do not commit the decrypted file to version control. |
|
|
This changes the key or password used to encrypt or decrypt. |
Encrypting the data
Let's perform some operations using Ansible-vault. We will start by creating an encrypted file. To create a new file from scratch, Ansible-vault uses the create subcommand. Before using this subcommand, it is important to set an editor in the environment, as follows:
# setting up vi as editor $ export EDITOR=vi # Generate a encrypted file $ ansible...
