How to automatically pass vault password when running Ansible playbook?

snow · Jan 30, 2018 · Viewed 20k times

I have an Ansible playbook with vault, and I want to ask for the vault password through the prompt box in my web interface and then pass the posted password when running the Ansible playbook. I tried to use:

    echo $password | ansible-playbook test.yml --ask-vault-pass

to pass the password to the playbook, but it doesn't work. The error message is:

    "msg": "Attempting to decrypt but no vault secrets found"

I don't want to store the password in a file for some reasons, and now I just want to try to automatically pass the password to the playbook while running it. Is there any advice for me? The Ansible version is 2.4.

Answer

techraf · Jan 30, 2018

You can use a script instead of providing the password through an interactive interface.

Here's an example for your use case:

  1. Save path_to/vault_secret.sh file (add permissions to execute) with the following content:

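    #!/bin/bash
    # Print the vault password from the exported $password variable.
    # Quoted so spaces and glob characters in the password survive intact.
    printf '%s\n' "$password"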
    
  2. Execute:

    ansible-playbook test.yml --vault-password-file path_to/vault_secret.sh
    

Alternatively:

  1. Add to ansible.cfg:

    [defaults]
    vault_password_file=path_to/vault_secret.sh
    
  2. Execute:

    ansible-playbook test.yml
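
The following wrapper is an added example, not part of the original answer: it reads the posted password from stdin (as the question's `echo ... |` attempt did) and exports it only to the `ansible-playbook` child process, so the secret appears neither in argv nor on disk. The function names and the `PLAYBOOK_CMD` override are hypothetical.

```shell
#!/bin/sh
# Added example. Assumption: the web backend pipes the posted vault
# password to run_playbook on stdin, one line, newline-terminated.

# Write the answer's vault client script into a private temp directory.
# The script holds no secret; it only echoes $password at run time.
make_vault_script() {
    dir=$(mktemp -d) || return 1          # mktemp -d creates the dir mode 0700
    cat > "$dir/vault_secret.sh" <<'EOF'
#!/bin/sh
printf '%s\n' "$password"
EOF
    chmod 700 "$dir/vault_secret.sh"      # Ansible runs executable password files
    printf '%s\n' "$dir/vault_secret.sh"
}

# Usage: printf '%s\n' "$posted_password" | run_playbook test.yml
# PLAYBOOK_CMD (hypothetical override) defaults to ansible-playbook.
run_playbook() {
    playbook=$1
    vault_pw=
    # IFS= and -r keep leading spaces and backslashes in the password.
    IFS= read -r vault_pw || [ -n "$vault_pw" ] || {
        echo "run_playbook: no password on stdin" >&2
        return 2
    }
    script=$(make_vault_script) || return 1
    rc=0
    # The assignment prefix puts `password` in the child's environment only.
    password="$vault_pw" "${PLAYBOOK_CMD:-ansible-playbook}" "$playbook" \
        --vault-password-file "$script" || rc=$?
    rm -rf "$(dirname "$script")"
    unset vault_pw
    return "$rc"
}
```

The password still lives in the child's environment while the playbook runs, where the same user and root can read it through `/proc/<pid>/environ` on Linux.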