Hello all, 
in an AAP job template survey I defined an extra variable of type password, to pass sensitive information. When entering the sensitive data it is masked with dots. In this case the extra variable was used with an HTTP request. But I was surprised because the content of the variable, the sensitive data, was visible in clear text in the Ansible output.
So I asked myself: Is it possible to mask, suppress or otherwise obfuscate the content of extra variables of the password type in the Ansible output?
With the statement no_log: true it is possible to suppress the entire output, as far as I know. Can such an approach also be used specifically for variables?
Thanks for hints and tips.
Best regards
Stefan
Hello all,
it seems I have found a way:
In the sidebar of the Ansible Automation Platform (AAP) exists the possibility to define credential customer specifications via Automation Execution > Infrastructure > Credentials Types. Here it is possible to define id, type, label, secret, etc. of a credential. The type vault is also available. At Automation Execution > Infrastructure > Credentials is it possible to link to the defined Credential Type and to define the custom specific type details. At Automation Execution > Template is it possible to link the Credentials so that they can then be used in the linked playbook. The variables are then not displayed as plain text in the log.
Best regards
Stefan