Thursday, March 3, 2016

Ansible Vault - storing secrets in repos

When others are deploying a project for you, it's easy for mistakes to be made when secrets must be updated in environmental variables. Ansible-vault takes a different approach and encrypts the secrets - allowing you to store the secrets in your repo.

To encrypt a file: ansible-vault encrypt secrets.py
To decrypt a file: ansible-vault decrypt secrets.py

More documentation is available here: http://docs.ansible.com/ansible/playbooks_vault.html

No comments:

Post a Comment