ansible Secret encryption Using lookup pipes to decrypt non-structured vault-encrypted data
Example
With Vault you can also encrypt non-structured data, such as private key files and still be able to decrypt them in your play with the lookup module.
---
- name: Copy private key to destination
copy:
dest=/home/user/.ssh/id_rsa
mode=0600
content=lookup('pipe', 'ANSIBLE_VAULT_PASSWORD_FILE=vault_pass_file ansible-vault view keys/private_key.enc')
