Sometimes we may want to encrypt only a single variable value or a short piece of text that we need to use in our playbook or role. For example, we may want to encrypt a user password or an API key, and not an entire file. Encrypting single variables is also a good idea when we keep our files in Source Control Management like Git.

Ansible Vault has a function to encrypt only parts of files, to encrypt variables instead of the whole file.

Continue reading “Handling sensitive data with Ansible Vault: encrypting strings instead of files” →