Setting vault password in Ansible Tower

Sudhir picture Sudhir · Sep 11, 2017 · Viewed 8.2k times · Source

I have used Ansible Vault to encrypt a file in which I have stored sensitive data.

In my orchestration script below command is mentioned to run the playbook.

ansible-playbook -i hosts -vvv Playbook.yml --ask-vault-pass

This prompts user to provide password for Ansible vault. Now how can I achieve the same through Ansible Tower so that no manual intervention. I do not want this to done through password file as it is the requirement. Any suggestion would be great help.

Answer

Newbie picture Newbie · Sep 18, 2017

On Ansible Tower, go to Settings > Credentials and edit your Machine Credentials. There is an option to enter your vault password. When you run the playbook on Ansible Tower, the vault password should automatically be entered. You can also check the box "Ask at runtime?" if you want to manually enter your vault password when the playbook is running.

Here is an overview of this functionality under "Vault Support" of this page: https://www.ansible.com/blog/ansible-tower-148