mcoussi
(Matthieu COUSSI)
May 9, 2025, 12:23pm
1
Hi,
For an application, i have a token to request the API.
I don’t want to store this token in my Ansible Project Code.
It seems possible to store this Token in AWX and use it in the playbook.
I tried to create a [VAUL] Credentials in AWX, but i don’t how can i use this token un my playbook.
How can i create a token in AWX and use it in the plays ?
Thanks for your help,
Matt
Novasyll
(Novasyll)
May 9, 2025, 1:31pm
2
Hi Matt
You can use the AWX Vault password to encrypt a secret with “ansible-vault” (see Encrypting content with Ansible Vault — Ansible Community Documentation )
e.g.
ansible-vault encrypt-string ‘HereComesYourAPIToken’ --name ‘your_vaulted_api_token’
You will get something like the following, which you can use/store without concerns in your project code as variable, since it is encrypted:
your_vaulted_api_token: !vault |
$ANSIBLE_VAULT;1.2;AES256;dev
30613233633461343837653833666333643061636561303338373661313838333565653635353162
3263363434623733343538653462613064333634333464660a663633623939393439316636633863
61636237636537333938306331383339353265363239643939666639386530626330633337633833
6664656334373166630a363736393262666465663432613932613036303963343263623137386239
6330
When using the ansible_vault command, you’ll be asked to enter twice a password which is used to enrypt your token. That password you have to register in AWX as a Vault secret. When you run your playbook with that AWX Vault secret, it will be able to decrept your encrypted api token variable during runtime.
1 Like
mcoussi
(Matthieu COUSSI)
May 9, 2025, 1:52pm
3
Hi @Novasyll ,
Thanks,
I found this video and explained how to do what i want and it works fine :
Matt