ansible Secret encryption Using lookup pipes to decrypt non-structured vault-encrypted data


Example

With Vault you can also encrypt non-structured data, such as private key files and still be able to decrypt them in your play with the lookup module.

---

- name: Copy private key to destination
  copy:
    dest=/home/user/.ssh/id_rsa
    mode=0600
    content=lookup('pipe', 'ANSIBLE_VAULT_PASSWORD_FILE=vault_pass_file ansible-vault view keys/private_key.enc')