Ansible Vault encrypts variables and files so you can protect sensitive content such as passwords or keys rather than leaving it visible as plaintext in playbooks or roles. To use Ansible Vault you need one or more passwords to encrypt and decrypt content.
Manual enter password
ansible-vault create foo.ymlTo create a new encrypted data file called ‘foo.yml’ with the ‘test’ vault password from ‘multi_password_file’:
ansible-vault create --vault-id test@multi_password_file foo.ymlTo view encrypted file
ansible-vault view foo.ymlTo edit
ansible-vault edit foo.ymlChange password
ansible-vault rekay foo.ymlUsing --ask-vault-pass
sudo ansible-playbook -i ansible/inventory sample-playbook.yaml –ask-vault-passUsing password file
sudo ansible-playbook -i ansible/inventory sample-playbook.yaml –vault-pass-file ~/secrets/vault_pass.txtYou can encrypt and decrypt from base64 using chrome console.
Encoding to base64 is done with the btoa command
btoa("This is a test.")
> "VGhpcyBpcyBhIHRlc3Qu"To decode a base64 encoded string, use the atob command
atob("VGhpcyBpcyBhIHRlc3Qu")
> "This is a test."