如何在 Ansible 的剧本中加密变量?
[英]How to encrypt variables within a playbook in Ansible?
问题描述
I am running a playbook where I am passing in a password from an external hashicorp vault.
我正在运行一个剧本,我从外部 hashicorp 保险库中传递密码。 The problem is that when I run the playbook, the password is displayed in plain text in the output provided by ansible.问题是,当我运行剧本时,密码以纯文本形式显示在 ansible 提供的输出中。
I want the logs to be visible so I do not prefer no_logs as a solution我希望日志可见,所以我不喜欢 no_logs 作为解决方案
Example例子
changed: [Server IP] => {
"changed": true,
"cmd": "config.cmd --windowsLogonPassword **Password is passed here but displayed in plain text** ,
"delta": "0:00:06.218698",
"end": "2021-07-16 05:32:07.845560"...
Is there a way to encrypt the password directly in the playbook so plain text is not displayed on this output?有没有办法直接在剧本中加密密码,以便在此输出中不显示纯文本?
1 个解决方案
解决方案1
0 已采纳 2021-07-18 15:41:23
Put放
no_log: true
on either the task or the whole playbook.在任务或整个剧本上。 This inhibits information that can be useful for debug when you are writing the playbook, but should be on production playbooks where needed IMO.这会禁止在您编写剧本时对调试有用的信息,但应该在需要 IMO 的生产剧本中使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.