2020-01-13 23:11:29 +00:00
|
|
|
# ansible-vault
|
|
|
|
|
|
|
|
> Encrypts & decrypts values, data structures and files within Ansible projects.
|
|
|
|
> More information: <https://docs.ansible.com/ansible/latest/user_guide/vault.html#id17>.
|
|
|
|
|
|
|
|
- Create a new encrypted vault file with a prompt for a password:
|
|
|
|
|
|
|
|
`ansible-vault create {{vault_file}}`
|
|
|
|
|
|
|
|
- Create a new encrypted vault file using a vault key file to encrypt it:
|
|
|
|
|
2024-04-18 19:38:25 +01:00
|
|
|
`ansible-vault create --vault-password-file {{password_file}} {{vault_file}}`
|
2020-01-13 23:11:29 +00:00
|
|
|
|
|
|
|
- Encrypt an existing file using an optional password file:
|
|
|
|
|
2024-04-18 19:38:25 +01:00
|
|
|
`ansible-vault encrypt --vault-password-file {{password_file}} {{vault_file}}`
|
2020-01-13 23:11:29 +00:00
|
|
|
|
|
|
|
- Encrypt a string using Ansible's encrypted string format, displaying interactive prompts:
|
|
|
|
|
|
|
|
`ansible-vault encrypt_string`
|
|
|
|
|
|
|
|
- View an encrypted file, using a password file to decrypt:
|
|
|
|
|
2024-04-18 19:38:25 +01:00
|
|
|
`ansible-vault view --vault-password-file {{password_file}} {{vault_file}}`
|
2020-01-13 23:11:29 +00:00
|
|
|
|
|
|
|
- Re-key already encrypted vault file with a new password file:
|
|
|
|
|
2024-04-18 19:38:25 +01:00
|
|
|
`ansible-vault rekey --vault-password-file {{old_password_file}} --new-vault-password-file {{new_password_file}} {{vault_file}}`
|