I’m looking at then VMWare modules for Ansible and they all seem to require the vCenter username and password in the playbook. For security reasons, I’d prefer to use a Kerberos ticket (as the vCenter is domain-joined) - is this possible? Otherwise, how do we avoid plain-text passwords floating about everywhere? I’m yet to be convinced by the Ansible Vault as anyone with the Vault password can just decrypt the files (if I’m wrong, convince me!).
Phil