asked on
How to Encrypt a Password in Ansible Tower using Ansible Vault?
Hello Experts:
I am trying to use a username and password in Ansible Tower. I have this this encrypted defaults/secret.yml:
[awx@ip-172-31-17-130 defaults]$ more secret.yml
$ANSIBLE_VAULT;1.1;AES256
313334333361313131373836636138636139623638353064316231303165303438653262366637343562336164383466613930386634663037306534383431650a30323130323564
I then created this CREDENTIALS in Ansible Tower Vault Credential:
Finally, I linked this vault credential to my template:
However, when I run this Ansible playbook/role, both the password and username show as plain text as follows:
I was expecting to see the content of the encrypted file defaults/secret.yml file.
Is there a way to achieve this?
That is, to make thinkpad@102 and Administrator show as encrypted in the Ansible Tower output.
* ansible tower* AnsibleEncryption
Last Comment
wbens
ASKER
Hello Experts:
This is what I did to get around this. I deleted the task that outputs all of the information where the password is included. This is what I get now:
I am happy with that.
This is the code, just in case anyone finds it useful (I have been there looking for anything that helps me put code together):
Lines 78-80 is what was outputting the password and much more.
This is my solution.
Thanks!
This is what I did to get around this. I deleted the task that outputs all of the information where the password is included. This is what I get now:
I am happy with that.
This is the code, just in case anyone finds it useful (I have been there looking for anything that helps me put code together):
Lines 78-80 is what was outputting the password and much more.
This is my solution.
Thanks!
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a questionAll of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
If this cannot be done, then I would like to know. I am just looking to learn whether I am done with this Ansible task or if I can improve it by encrypting the username and password when they are echoed in the Ansible Tower output(s).
Thanks!