Let's say you used the ansible-vault create command to create locker.yml. When creating locker.yml, you would have been prompted to create a vault password. The vault password can be stored in an Ansible Tower credential.
- In Tower, select Credentials.
- Select the green plus icon.
- Enter the following:
- Name = Something unique
- Description = Something unique
- Organization =
- Credential Type = Vault
- Vault Password = the vault password
- Select Save.
Let's say locker.yml contains the following. The foo variable contains a value of bar.
foo: bar
You'll have to make locker.yml accessible by Tower. For example, let's say you have a project that is using the foo.git repository. In this scenario, locker.yml could be placed in group_vars/all/locker.yml in the Git repository.
Next you will want to create a job template that is using the foo project and also using the vault credentials. Let's say the template is running playbook foo.yml and foo.yml contains the following.
---
- hosts: all
tasks:
- name: print the value in the foo variable
debug:
var: foo
...
The following should be returned. Notice "bar" is returned.
TASK [print the value in the foo variable]
ok: [server1.example.com] => {
"foo": "bar"
}
Did you find this article helpful?
If so, consider buying me a coffee over at 