Working with sensitive data-2: Using AWS Parameter Store and Ansible Vault together.
In this article, I’ll show step by step, hands-on, how to use Ansible Vault and AWS SSM Parameter Store together, and explain some of the best practices for keeping the data safe.
Read on and keep prying eyes away from your secrets!
Topics we will cover:
1. What is AWS SSM Parameter Store?
2. Using AWS Parameter Store and Ansible Vault together
3. Creating the script for Ansible and AWS SSM Parameter Store
4. Creating a parameter in Parameter Store
5. Creating a Policy for the Parameter Store
6. Attaching the policy to the role
7. Finally, run ansible-playbook to fetch the password automatically from AWS SSM Parameter Store and create new users on all nodes.
8. As a result
9. Next post
10. References
1. What is AWS SSM Parameter Store?
Parameter Store, a capability of AWS Systems Manager, provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values. You can store values as plain text or encrypted data.
You can reference Systems Manager parameters in your scripts, commands, SSM documents, and configuration and automation workflows by using the unique name that you specified when you created the parameter. (1)
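The following is an added example, not the script from this article: a vault password script in Python that reads a parameter by its name and refuses to use it unless it is stored as an encrypted SecureString. The parameter name `/ansible/vault-password`, the leading-slash naming check and the `FakeSSM` stand-in are assumptions of the example.

```python
#!/usr/bin/env python3
"""Vault password script: print the Ansible Vault password held in SSM Parameter Store."""
import re
import sys

# Hypothetical parameter name; Parameter Store names form a "/"-separated hierarchy.
PARAM_NAME = "/ansible/vault-password"
# This example's own convention: only accept fully qualified hierarchical names.
NAME_RE = re.compile(r"^(/[A-Za-z0-9_.-]+)+$")


def fetch_vault_password(ssm, name=PARAM_NAME):
    """Return the decrypted value of `name`, refusing anything not stored encrypted."""
    if not NAME_RE.match(name):
        raise ValueError(f"not a fully qualified parameter name: {name!r}")
    # WithDecryption=True asks SSM to return a SecureString in decrypted form;
    # the caller's role must be allowed ssm:GetParameter on this parameter.
    param = ssm.get_parameter(Name=name, WithDecryption=True)["Parameter"]
    if param["Type"] != "SecureString":
        # A String parameter is stored as plain text: treat that as a
        # misconfiguration instead of silently using the secret.
        raise RuntimeError(f"{name} is type {param['Type']}, expected SecureString")
    value = param["Value"]
    if not value.strip():
        raise RuntimeError(f"{name} is empty")
    return value


class FakeSSM:
    """Constructed stand-in for boto3's SSM client so the logic runs offline."""

    def __init__(self, store):
        self.store = store  # maps name -> (type, value)

    def get_parameter(self, Name, WithDecryption=False):
        ptype, value = self.store[Name]
        if ptype == "SecureString" and not WithDecryption:
            value = "ciphertext-placeholder"  # constructed, not real ciphertext
        return {"Parameter": {"Name": Name, "Type": ptype, "Value": value}}


if __name__ == "__main__":
    import boto3  # the real client is needed only when run as the password script

    try:
        # Ansible reads the password from stdout; errors go to stderr only.
        print(fetch_vault_password(boto3.client("ssm")))
    except Exception as exc:
        sys.exit(f"vault password lookup failed: {exc}")
```

Make the file executable and pass it to `ansible-playbook --vault-password-file`, running under a role that is allowed to read that parameter.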