Libor, I think what you are asking is if you can do something like this?
host1 password123 host2 password456 host3 password789 If so, then sure. Just put it in a tab-separated file and encrypt it with ansible-encrypt and use it like you would any other variables. You could probably use the csvfile module to call column 1 for user, column 2 for password. On Mon, Oct 22, 2018 at 12:57 AM Libor Burda <[email protected]> wrote: > Hello everyone. > > Is there any way how to store credentials in one Vault file, so that these > credentials are applied for each host? > > For example, when I create group_vars/all.yml and store creds here and > then execute playbook with --limit=single_host, these credentials are not > applied. I probably would have to create vault file for each host, but > that's crazy when you have thousands of servers. > > The goal is to stop Ansible execution once you put wrong ssh password. > Right now, Ansible tries to connect with wrong password, it fails, and our > SIEM detects this as attack and locks the account instantly. > > Or is there any alternative way how to prevent this from happening? > > Thanks in advance. > > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/9d1250bc-f3fc-47bd-b8b0-16a84dd193da%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/9d1250bc-f3fc-47bd-b8b0-16a84dd193da%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAH4rTPtqHiCeLqy14jut2o9s7zDBdXfig9_At_VgyekohtYRMw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
