IT automation and orchestratio...

Ansible Vault

3min

This document provides information about configuring HSMs with Ansible Vault by using PKCS #11 libraries. For additional questions related to your HSM, see the relevant user guide.

About Ansible Vault

Ansible is an open-source IT automation tool developed by Red Hat. It automates various IT tasks, such as configuration management, application deployment, orchestration, and task automation.

Ansible Vault is a feature of Ansible that enables you to encrypt sensitive date such as passwords or keys in encrypted files instead of plaintext.

Using HSMs to protect Ansible private keys

Ansible Vault can work with private keys stored on hardware security modules (HSMs), which helps to prevent the disclosure of the keys and enables the secure usage of private keys to perform various functions.

With this integration, you can securely reference your private key stored in an HSM to perform automated encryption and decryption tasks with Ansible Playbooks by using the PKCS #11 library and OpenSSL.

Guardian integration