ansiblecommand-line-interfaceansible-vault

How to use `ansible-vault` `--output` to write the encrypted content to a file?


I'm using ansible-vault 2.10.5. According to the encrypt_string documentation, I can use --output to save the encrypted result. The doc says:

--output <OUTPUT_FILE>

output file name for encrypt or decrypt; use - for stdout

But I tried several commands and the result seemed to always be printed to the console. For example:

ansible-vault encrypt_string --vault-id test@prompt --name my_var --output encrypted.txt my_value

I got the following output printed on the console:

New vault password (test): 
Confirm new vault password (test): 
my_var: !vault |
          $ANSIBLE_VAULT;1.2;AES256;test
          66343062376436373531313033623237393231663930383936306662393164653733636161653630
          6636653035306339363065623438353338646533656639620a376365376136343232376561666266
          62313936343766343333333065363634663961643234323734613135383763656536656437393431
          3238306436313437320a663131653164366133356530663732633334366136306636663766353331
          6635
Encryption successful

So what is the correct way of using --output option to save the encrypted content to a local file?


Solution

  • I'd rather put the target content to be encrypted in a file and use ansible-vault encrypt secretfile and it will enctypt the file in place.