Link Search Menu Expand Document

ansible-vault

Encrypt and decrypt values, data structures and files within Ansible projects. More information: https://docs.ansible.com/ansible/latest/user_guide/vault.html#id17.

  • Create a new encrypted vault file with a prompt for a password:

ansible-vault create {{vault_file}}

  • Create a new encrypted vault file using a vault key file to encrypt it:

ansible-vault create --vault-password-file {{password_file}} {{vault_file}}

  • Encrypt an existing file using an optional password file:

ansible-vault encrypt --vault-password-file {{password_file}} {{vault_file}}

  • Encrypt a string using Ansible's encrypted string format, displaying interactive prompts:

ansible-vault encrypt_string

  • View an encrypted file, using a password file to decrypt:

ansible-vault view --vault-password-file {{password_file}} {{vault_file}}

  • Re-key already encrypted vault file with a new password file:

ansible-vault rekey --vault-password-file {{old_password_file}} --new-vault-password-file {{new_password_file}} {{vault_file}}