The ansible-vault command can be used to perform a number of tasks.
Additionally, there are a few command line options to be aware of.
A vault password file can be used to provide the vault password when:
Create a file. The file can be named anything you want. The file doesn't have to be hidden, but often is.
touch .vault_password.txt
Ensure only the owner of the file and create and write to the file.
chmod 0600 .vault_password.txt
If you have a single password that is being used with every ansible-vault command, append your vault password to the file.
echo "itsasecret" > .vault_password.txt
If you have different passwords being used, append each key:value pair to the file.
echo "test:testpassword" >> .vault_password.txt
echo "prod:prodpassword" >> .vault_password.txt
You can then use the --vault-password-file command line option (if you are going to use the same password for all of the ansible-vault commands) . . .
ansible-vault --vault-password-file /usr/local/vault/.vault_password.txt view foo.txt
Or the --vault-id command line option (if you want to use different passwords).
ansible-vault create --vault-id test@/usr/local/ansible/vault/.vault_password.txt foo.txt