We want to with_items over a set of variables with private data in them,
like AWS keys. This causes us to get output like
TASK: [ourtask | template .s3cfg] ************************************
changed: [host1] => (item={'access_key': 'my-access-id', 'secret_key':
'my-secret-key', 'name': 'me'})
changed: [host1] => (item={'access_key': 'your-access-id', 'secret_key':
'your-secret-key', 'name': 'you'})
changed: [host2] => (item={'access_key': 'my-access-id', 'secret_key':
'my-secret-key', 'name': 'me'})
changed: [host2] => (item={'access_key': 'your-access-id', 'secret_key':
'your-secret-key', 'name': 'you'})
...except the values (my-secret-key, your-secret-key, etc) are actually
printed there. Is there a way to tell Ansible that these variables are
secret and not to print them? (We're not using Vault, but our own way to
isolate private vars; but http://docs.ansible.com/playbooks_vault.html
didn't seem to imply that this would be different if we were. Although
that could be a cool way to do it, if Ansible keeps track of what
variables were set by files that came from Vault.)
-Josh ([email protected])
This email is intended for the person(s) to whom it is addressed and may
contain information that is PRIVILEGED or CONFIDENTIAL. Any unauthorized use,
distribution, copying, or disclosure by any person other than the addressee(s)
is strictly prohibited. If you have received this email in error, please notify
the sender immediately by return email and delete the message and any
attachments from your system.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/21549.25712.833642.153469%40gargle.gargle.HOWL.
For more options, visit https://groups.google.com/d/optout.
