vault-id and multiple password files in ansible.cfg
47 views
Skip to first unread message
kompa...@gmail.com
Jan 31, 2018, 6:27:05 AM1/31/18
to Ansible Project
Hi,
We're using vault files encrypted with multiple vault-id in our projects.
Everything works fine when we do something like:
ansible vault --vault-id generic@~/.ansible/generic-password --vault-id prod@~/.ansible/prod-password ...But it's not convenient way to pass password files for each vault id as cli arguments.
Previously, before vault-id, we used single password for everything and we just added "vault_password_file=~/.ansible/password" into ansible.cfg.
Previously, before vault-id, we used single password for everything and we just added "vault_password_file=~/.ansible/password" into ansible.cfg.
Is there any way to add multiple password file in ansible.cfg for each vault id?
The most straight way as for me, is to add something like this
[defaults]
vault_password_file=generic@~/.ansible/generic-password
vault_password_file=prod@~/.ansible/prod-passwordAnd of course it doesn't work.
But how can I do it right?
Thanks.
hans petterson
Apr 27, 2018, 7:45:22 AM4/27/18
to Ansible Project
Hi,
just stumpled upon the same problem. Using the cli --vault-id is not really practicable in our case. No one wants to write this long string. Vault-id seems like a nice thing.. but not really thought through. Or am I missing something?
Yours
Reply all
Reply to author
Forward
0 new messages