Is there a way, or possibly a workaround, to encrypt the service_account_file that is used by a dynamic inventory? For instance, I’m using the gcp_compute inventory plugin and have a dynamic inventory YAML file that looks like this:
`
plugin: gcp_compute
projects:
- <project_name>
filters:
auth_kind: serviceaccount
service_account_file: svc-acct-key.json
`
The service account file (i.e. svc-acct-key.json) has sensitive data that should be encrypted and so I’ve encrypted that file using Ansible Vault. I was expecting this inventory file to be run and when it attempts to fetch svc-acct-key.json I was expecting it to decrypt the file, but instead it reads the file in encrypted format and complains that it is not properly formatted JSON. Is there a workaround to get this to work? Ideally I would like to use Ansible Vault since I’m already using this for passwords. Please advise.
Thank you,
Sean