try to use ansible-vault

When we use ansible, we would like to encrypt secret information like password.
Ansbile have ansible-vault command to encrypt.
I try ansible-vault command.

I create inventory file.

[root@cent7devops ansible-test]# cat hosts
[test]
node01 ansible_host=172.16.10.101 ansible_user=root
[root@cent7devops ansible-test]#

I create host variables file.

[root@cent7devops ansible-test]# cat host_vars/node01.yml
---
ansible_ssh_pass: passwordstring
[root@cent7devops ansible-test]#

I encrypt host variables file.
"vault.txt" is a file to provide a vault password.

[root@cent7devops ansible-test]# ansible-vault encrypt host_vars/node01.yml --vault-id ./vault.txt
Encryption successful
[root@cent7devops ansible-test]#

I view the contents of an encrypted file.

[root@cent7devops ansible-test]# ansible-vault view host_vars/node01.yml --vault-id ./vault.txt
---
ansible_ssh_pass: passwordstring
[root@cent7devops ansible-test]#

I confirm variables of "node01" by ansible-inventory command

[root@cent7devops ansible-test]# ansible-inventory -i hosts --host node01 --vault-id ./vault.txt
{
    "ansible_host": "172.16.10.101",
    "ansible_ssh_pass": "passwordstring",
    "ansible_user": "root"
}
[root@cent7devops ansible-test]#

AKAI TSUKI

System development or Technical something

try to use ansible-vault