Ansible terminology - What is an Ansible Vault?

Name: Ansible Automation Platform By Example
Author: Luca Berton

Learn how to use Ansible Vault to encrypt variables and files, ensuring secure handling of sensitive content in your playbooks, roles, and collections with practical examples.

Ansible terminology - What is an Ansible Vault?

November 12, 2022
Posted by Luca Berton
ansible, terminology, ansible-vault, playbook, security, YAML, sensible data, encryption, password

Ansible terminology - What is an Ansible Vault?

How to store variables and files in an encrypted way using the ansible-vault command line utility.

What is an Ansible Vault?

How to store variables and files in an encrypted way. I will show you a live Playbook with some simple Ansible code. I’m Luca Berton, and welcome to today’s episode of Ansible Pilot.

Ansible Vault

Ansible Vault encrypts variables and files to protect sensitive content and lets you use them in Playbooks, Roles, and Collections. Ansible Vault stores variables and files encrypted and lets you use them in Vaults or roles. The cipher used to protect files is AES 256 in recent versions of Ansible.

Playbook

I will show you how to encrypt one password using the ansible-vault command line utility. Let’s assume that the password is currently stored in a single Ansible file (YAML) called plain-to-encrypted.yml.

code

plain-to-encrypted.yml

---
password: mysupersecretpassword

encryption

I’m going to encrypt the source file using the ansible-vault command:

$ ansible-vault encrypt plain-to-encrypted.yml 
New Vault password: 
Confirm New Vault password: 
Encryption successful

before

$ cat plain-to-encrypted.yml 
---
password: mysupersecretpassword

after

$ cat plain-to-encrypted.yml 
$ANSIBLE_VAULT;1.1;AES256
32303838636131363238666462336132613234323239316136336164343638653532306536306462
3933646539656462396264666232636133663831613463390a653638663934393761616636643638
34383235323539323366616361363664343462616265343333346162303633373333643637323066
3063343037366364300a356434653461316234323830333737656563623030383631663937363931
30393037333863316237393432626539663130343562396461363336383730373533643665653065
3136613764303938393531343635313831313533656665386535

Conclusion

Now you know what an Ansible Vault is and how to use it. You know how to use it based on your use case.

Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Learn the Ansible automation technology with some real-life examples in my Udemy 300+ Lessons Video Course.

BUY the Complete Udemy 300+ Lessons Video Course

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Donate

Want to keep this project going? Please donate

Patreon Buy me a Pizza

Ansible terminology - What is an Ansible Vault?

Ansible terminology - What is an Ansible Vault?

Ansible terminology - What is an Ansible Vault?

What is an Ansible Vault?

Ansible Vault

Links

Playbook

code

encryption

before

after

Conclusion

Academy

Donate