How to Secure Ansible playbook
20 views
Skip to first unread message
Nihanth Joseph
Jun 15, 2020, 6:55:37 AM6/15/20
to Ansible Project
I need to encrypt my playbook, so once i deploy it to customer environment, they cannot edit or read my file.
I have tired ansible-vault, but for this we need to save password in text file, so ultimately customer can decrypt my source code using that.
I am a java developer, in java we can convert human readable source code to machine readable byte code and deploy to customer environment.
so how to do this kind in ansible?
Dick Visser
Jun 15, 2020, 8:16:18 AM6/15/20
to ansible...@googlegroups.com
So your customer has access to the playbooks and vault passwords?
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/336afe85-6a92-4c4f-8d52-eb64d6f32906o%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/336afe85-6a92-4c4f-8d52-eb64d6f32906o%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
Nihanth Joseph
Jun 15, 2020, 8:42:05 AM6/15/20
to Ansible Project
Actually we don't want to expose, our code except developers.
we have separate team (external to our company) to execute our code in customer environment. and we don't want to show our code to them.
Luca 'remix_tj' Lorenzetto
Jun 15, 2020, 8:56:09 AM6/15/20
to ansible...@googlegroups.com
On Mon, Jun 15, 2020 at 2:42 PM Nihanth Joseph <nik...@gmail.com> wrote:
>
> Actually we don't want to expose, our code except developers.
> we have separate team (external to our company) to execute our code in customer environment. and we don't want to show our code to them.
Hello,
>
> Actually we don't want to expose, our code except developers.
> we have separate team (external to our company) to execute our code in customer environment. and we don't want to show our code to them.
as far as i know, no tool is provided to obfuscate ansible playbooks.
I can suggest you to publish your work on an instance of AWX and allow
the external team to run only. Via AWX they have no access to source
code of playbooks.
Luca
--
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)
Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <lorenze...@gmail.com>
Nihanth Joseph
Jun 15, 2020, 10:12:51 AM6/15/20
to Ansible Project
Thanks, hope this would solve my issue.
On Monday, June 15, 2020 at 6:55:37 PM UTC+8, Nihanth Joseph wrote:
Reply all
Reply to author
Forward
0 new messages