Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
ANSIBLE-VAULT(1)	System administration commands	      ANSIBLE-VAULT(1)

NAME
       ansible-vault - encryption/decryption utility for Ansible data files

SYNOPSIS
       ansible-vault   [create|decrypt|edit|encrypt|encrypt_string|rekey|view]
       [options] [vaultfile.yml]

DESCRIPTION
       can encrypt any structured data file used by Ansible.  This can include
       group_vars/  or host_vars/ inventory variables, variables loaded	by in-
       clude_vars or vars_files, or variable files passed on the ansible-play-
       book  command  line with	-e @file.yml or	-e @file.json.	Role variables
       and defaults are	also included!

       Because Ansible tasks, handlers,	and other objects are data, these  can
       also  be	 encrypted with	vault.	If you'd like to not expose what vari-
       ables you are using, you	can keep an individual task file entirely  en-
       crypted.

COMMON OPTIONS
       --ask-vault-pass
	  ask for vault	password

       --new-vault-id 'NEW_VAULT_ID'
	  the new vault	identity to use	for rekey

       --new-vault-password-file
	  new vault password file for rekey

       --vault-id
	  the vault identity to	use

       --vault-password-file
	  vault	password file

       --version
	  show program's version number, config	file location, configured mod-
	  ule search path, module location, executable location	and exit

       -h, --help
	  show this help message and exit

       -v, --verbose
	  verbose mode (-vvv for more, -vvvv to	enable connection debugging)

ACTIONS
       encrypt
	      encrypt the supplied file	using the provided vault secret

	      --encrypt-vault-id 'ENCRYPT_VAULT_ID'
		 the vault id used to encrypt (required	if more	than  vault-id
		 is provided)

	      --output
		 output	file name for encrypt or decrypt; use -	for stdout

       rekey  re-encrypt a vaulted file	with a new secret, the previous	secret
	      is required

	      --encrypt-vault-id 'ENCRYPT_VAULT_ID'
		 the vault id used to encrypt (required	if more	than  vault-id
		 is provided)

       encrypt_string
	      encrypt the supplied string using	the provided vault secret

	      --encrypt-vault-id 'ENCRYPT_VAULT_ID'
		 the  vault id used to encrypt (required if more than vault-id
		 is provided)

	      --output
		 output	file name for encrypt or decrypt; use -	for stdout

	      --stdin-name 'ENCRYPT_STRING_STDIN_NAME'
		 Specify the variable name for stdin

	      -n,   --name
		 Specify the variable name

	      -p,   --prompt
		 Prompt	for the	string to encrypt

       edit   open and decrypt an existing vaulted file	 in  an	 editor,  that
	      will be encrypted	again when closed

	      --encrypt-vault-id 'ENCRYPT_VAULT_ID'
		 the  vault id used to encrypt (required if more than vault-id
		 is provided)

       create create and open a	file in	an editor that will be encrypted  with
	      the provided vault secret	when closed

	      --encrypt-vault-id 'ENCRYPT_VAULT_ID'
		 the  vault id used to encrypt (required if more than vault-id
		 is provided)

       decrypt
	      decrypt the supplied file	using the provided vault secret

	      --output
		 output	file name for encrypt or decrypt; use -	for stdout

       view   open, decrypt and	view an	existing vaulted file  using  a	 pager
	      using the	supplied vault secret

ENVIRONMENT
       The following environment variables may be specified.

       ANSIBLE_CONFIG -- Specify override location for the ansible config file

       Many more are available for most	options	in ansible.cfg

       For  a  full  list  check  https://docs.ansible.com/.  or use the ansi-
       ble-config command.

FILES
       /usr/local/etc/ansible/ansible.cfg -- Config file, used if present

       ~/.ansible.cfg -- User config file, overrides  the  default  config  if
       present

       ./ansible.cfg  --  Local	config file (in	current	working	directory) as-
       sumed to	be 'project specific' and overrides the	rest if	present.

       As mentioned above, the ANSIBLE_CONFIG environment variable will	 over-
       ride all	others.

AUTHOR
       Ansible was originally written by Michael DeHaan.

COPYRIGHT
       Copyright  A(C) 2018 Red	Hat, Inc | Ansible.  Ansible is	released under
       the terms of the	GPLv3 license.

SEE ALSO
       ansible (1), ansible-config (1),	ansible-console	(1), ansible-doc  (1),
       ansible-galaxy  (1), ansible-inventory (1), ansible-playbook (1), ansi-
       ble-pull	(1),

       Extensive documentation is available  in	 the  documentation  site:  <-
       https://docs.ansible.com>.   IRC	 and mailing list info can be found in
       file	    CONTRIBUTING.md,	     available	       in:	    <-
       https://github.com/ansible/ansible>

Ansible	2.8.11						      ANSIBLE-VAULT(1)

NAME | SYNOPSIS | DESCRIPTION | COMMON OPTIONS | ACTIONS | ENVIRONMENT | FILES | AUTHOR | COPYRIGHT | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=ansible-vault&sektion=1&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help