Chapter 2. Protecting Your Secrets with Ansible
Secrets are meant to stay secret. Whether they are login credentials to a cloud service or passwords to database resources, they are secret for a reason. Should they fall into the wrong hands, they can be used to discover trade secrets, customers' private data, create infrastructure for nefarious purposes, or worse. All of which could cost you or your organization a lot of time, money, and headache! In this chapter, we cover how to keep your secrets safe with Ansible:
- Encrypting data at rest
- Protecting secrets while operating
Encrypting data at rest
As a configuration management system or an orchestration engine, Ansible has great power. In order to wield that power, it is necessary to entrust secret ...