Ansible - Create Vault Credentials in Tower

Let's say you used the ansible-vault create command to create locker.yml. When creating locker.yml, you would have been prompted to create a vault password. The vault password can be stored in an Ansible Tower credential.

  1. In Tower, select Credentials.
  2. Select the green plus icon.
  3. Enter the following:
    • Name = Something unique
    • Description = Something unique
    • Organization = 
    • Credential Type = Vault
    • Vault Password = the vault password
  4. Select Save.

 

Let's say locker.yml contains the following. The foo variable contains a value of bar.

foo: bar

 

You'll have to make locker.yml accessible by Tower. For example, let's say you have a project that is using the foo.git repository. In this scenario, locker.yml could be placed in group_vars/all/locker.yml in the Git repository.

 

Next you will want to create a job template that is using the foo project and also using the vault credentials. Let's say the template is running playbook foo.yml and foo.yml contains the following.

---
- hosts: all
  tasks:
    - name: print the value in the foo variable
      debug:
        var: foo
...

 

The following should be returned. Notice "bar" is returned.

TASK [print the value in the foo variable]
ok: [server1.example.com] => {
    "foo": "bar"
}

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter 0d121 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |