I'm using ansible-vault
2.10.5. According to the encrypt_string
documentation, I can use --output
to save the encrypted result. The doc says:
--output <OUTPUT_FILE>
output file name for encrypt or decrypt; use - for stdout
But I tried several commands and the result seemed to always be printed to the console. For example:
ansible-vault encrypt_string --vault-id test@prompt --name my_var --output encrypted.txt my_value
I got the following output printed on the console:
New vault password (test):
Confirm new vault password (test):
my_var: !vault |
$ANSIBLE_VAULT;1.2;AES256;test
66343062376436373531313033623237393231663930383936306662393164653733636161653630
6636653035306339363065623438353338646533656639620a376365376136343232376561666266
62313936343766343333333065363634663961643234323734613135383763656536656437393431
3238306436313437320a663131653164366133356530663732633334366136306636663766353331
6635
Encryption successful
So what is the correct way of using --output
option to save the encrypted content to a local file?
I'd rather put the target content to be encrypted in a file and use ansible-vault encrypt secretfile
and it will enctypt the file in place.