forked from ansible/ansible-tower-samples
-
Notifications
You must be signed in to change notification settings - Fork 5
/
hello_world_vault_encrypted.yml
41 lines (40 loc) · 1.74 KB
/
hello_world_vault_encrypted.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# Note: The password for `encrypted_msg` is just 'vault'
#
# This playbook is just used for testing vault integration, so when provided
# with the correct password the message displayed should be:
#
# "Hello World! (NOTE: This message has been encrypted with ansible-vault)"
#
# This var was generated by running the following:
#
# $ ansible-vault encrypt_string --ask-vault-pass --stdin-name "encrypted_msg"
# New Vault password:
# Confirm New Vault password:
# Reading plaintext input from stdin. (ctrl-d to end input)
# Hello World!
# encrypted_msg: !vault |
# $ANSIBLE_VAULT;1.1;AES256
# 66383635373066393337333631383930366166656134653935663164636636623239333861643936
# 3664613065666439303135323331616666383030383839310a303461623264646233623037313363
# 63626562616166353466366232363562353461366162396262363461666439386165663565643832
# 3239396633396466630a616463393237303338633562656664653433633437383161353933303737
# 3764
# Encryption successful
#
# (NOTE: When running the above, Ctrl-D was required twice for `ansible-vault`
# to respond. Most likely due to the '!' character in the base string.)
#
- name: Hello World Sample (Vault Encrypted)
hosts: all
vars:
encrypted_msg: !vault |
$ANSIBLE_VAULT;1.1;AES256
66383635373066393337333631383930366166656134653935663164636636623239333861643936
3664613065666439303135323331616666383030383839310a303461623264646233623037313363
63626562616166353466366232363562353461366162396262363461666439386165663565643832
3239396633396466630a616463393237303338633562656664653433633437383161353933303737
3764
tasks:
- name: Hello Message
debug:
msg: "{{encrypted_msg}} (NOTE: This message has been encrypted with ansible-vault)"