storing ansible vault key and encrypted files in s3

wondering if we can pass s3 uri as a path for file

ansible-vault view
group_vars/encryptedfile.yml--vault-password-file=vault.pem

I dont want to store these in my git repo and wondering if these can be
accessed from s3 bucket which has IAM policies setup

something similar

ansible-vault view s3://
aws.amazon.com/mybucket/encryptedfile.yml--vault-password-file=
<https://www.linkedin.com/redir/redirect?url=aws.amazon.com%2Fmybucket%2Fencryptedfile.yml--vault-password-file%3D&urlhash=KyaA&_t=tracking_anet&gt;
s3://aws.amazon.com/differentbucket/vault.pem
<https://www.linkedin.com/redir/redirect?url=aws.amazon.com%2Fdifferentbucket%2Fvault.pem&urlhash=anB-&_t=tracking_anet&gt;

may be i should ask if/how are u managing your pem (vault, encrypted files)
especially . deploying your infrastructure using terraform and ansible
combination

Look into vaultproject.io and https://github.com/jhaals/ansible-vault/
plugin. You should be able to store vault backend data in s3 and use IAM
to restrict access for the vault server.

A+
Dave