Ansible Vault is a command line utility, by default installed along with Ansible. It allows us to encrypt secrets such as keys, credentials, passwords, and so on to include in our playbooks. By doing this, we can also use these encrypted files to share with others as they contain password protection to access the encrypted data. We can use this feature to encrypt our variables, templates, and files inside our playbooks.
Ansible version 2.3 supports encrypting single variables using an Ansible single encrypted variable with the !vault
tag. We will see some examples of how we will use this in our playbooks in next section.
Note
Read more about Ansible Vault at https://docs.ansible.com/ansible/latest/vault.html.
As this is a very simple and powerful way to store and manage secret data, it's really important to use Ansible Vault to store all the secret information in our playbooks.
Some of the really good use cases include how we can use these playbooks without changing...