ansibleansible-vault

How to decrypt string with ansible-vault 2.3.0


I have been waiting for ansible 2.3 as it was going to introduce encrypt_string feature.

Unfortuately I'm not sure how can I read the encrypted string.

I did try decrypt_string, decrypt (the file), view (the file) and nothing works.

cat test.yml 
---
test: !vault |
     $ANSIBLE_VAULT;1.1;AES256
     37366638363362303836383335623066343562666662386233306537333232396637346463376430
     3664323265333036663736383837326263376637616466610a383430623562633235616531303861
     66313432303063343230613665323930386138613334303839626131373033656463303736366166
     6635346135636437360a313031376566303238303835353364313434363163343066363932346165
     6136

The error I'm geeting is ERROR! input is not vault encrypted data for test.yml

How can I decrypt the string so I know what it's value without the need to run the play?


Solution

  • Did you try setting the encrypted string as a variable and then using -debug to get its decrypted output?

    i.e.

    Define your encrypted string as a variable test in your playbook and then do:

    -debug: msg="My Secret value is {{test | replace('\n', '')}}"
    

    in your playbook and then run the playbook:

    $ ansible-playbook -i localhost YourPlaybook.yml --vault-password-file path/to/your/secret_key_file