A couple of days ago we where debugging an Ansible AAP problem, when
a co-worker mentioned something weird in our Hashicorp Vault.
Nothing major, just weird.
Ansible with multiple vault ID's
In our work environment we have role-based access for passwords (of course). But as we deploy all systems with Ansible, we could end up that someone with only deploy permission ends up with access to all passwords. It’s obvious that we don’t want that, so I started checking in to Ansible’s ability to have multiple vault passwords.
Ansible Vault IDs Starting with Ansible 2.4 and above, vault IDs are supported.
[Read More]