Hello Together!
since few days i try to figure out how to use ansible vault encrypted strings in the AWX Inventory.
With an unencrypted password, everything is working fine.
Passwords secure with vault dont work for some reason.
it wont be decrypted.
This is what i am using:
{
“ansible_connection”: “winrm”,
“ansible_port”: “5985”,
“ansible_password”: “!vault | $ANSIBLE_VAULT;1.1;AES256\n<my_long_password_string”,
“ansible_user”: “admin@mydomain.com”,
“ansible_winrm_server_cert_validation”: “ignore”
}
i Read something about to change
mysql_password: !vault | ansible vault stuff
to
mysql_password: __ansible_vault: | ansible vault stuff
But i cant get it work 
Maybe somene got the answere for me.
Thanks !!!
Greetings
Chris
Hi Chris,
Have you tried creating a machine credential in tower and apply it to your job template?
Result: the password would be encrypted by tower and you would not need the variables: ansible_password and ansible_user.
You can also create a vault credential in tower and apply it as a second credential to the job template.
Result: vault encrypted files will be automatically decrypted.
Good luck,
Thank you for your reply.
I really need the Encrypted string in the Inventory.
I am using the Vault Secret and SSH Linux Machine Secret. So i cant add a second machine credential.
I know it is working but i dont know the right syntax.
Greetings
Chris
Hi Chris,
In your last message you’re using a Linux Machine Secret but in your first message I see a WinRM secret, could you try to explain a little bit more about what you’re doing and why you need both credentials?
Thanks,
AWX Team