I am using YAML file to read/write data from the s3 bucket, i have mentioned the AWS access key and secret key inside the YAML file itself.
but now I want to put aws_secret_key in another txt file, and read the secret key from the text file.
How can we configure the YAML file to read the aws_secret_ key from another file?
Please help me.
Thanks & Regards,
Prasad
Related
I want to create a file (namely an id_rsa key) using ansible.
It seems that using the copy builtin module is no longer recommended and users are advised to use template.
If I understand correcly, I will have to put the contents of the id_rsa to an id_rsa.j2 and then render it on the target host.
This of course will then have to be encrypted with ansible-vault.
My question is whether there is a workaround (since I already have a vars file with secrets) so that I add the contents of the private key to this (already encrypted) file to avoid adding yet another encrypted file just for this purpose.
You wouldn't put any sensitive information in your template, just the variable name, the same way you would have with copy + content.
{{ my_private_key_var }}
I’m storing my password and connection strings in yaml file before. Now, I’m trying to store my password in local drive in ".txt" format and parse it to the yaml file. If anyone can help me in what way to approach in parsing would be helpful.
Below are the password details and connection strings used in yaml file which I created.
app_server_name: ************
app_server_username: $USERNAME$
app_server_password: ‘**********’ #trying to parse from local drive
app_yaml_file: /devl/galaxy/common/edwEnvironmentConfig.yml
environment_profile: /home/$USERNAME$/eproduct/difenv
teradata_logon_file: /home/$USERNAME$/.priv/devl/.td_connection
project_root_directory: /home/$USERNAME$/eproduct/
teradata_auth_type: ‘ldap’
tmode: ‘TERA’
What I Found:
http://ruby-doc.org/stdlib-1.9.3/libdoc/yaml/rdoc/YAML.html
Also using the psych gem:
https://docs.ruby-lang.org/en/2.5.0/Psych.html
I expect to parse my password details into yaml instead of manually entering it.
I have a properties file which contains several name=value pairs. This properties file contains several secrets in value. My requirement is to delete the property value after reading the values using a shell script. The property file will also contain comments.
Properties file:
#docker image key
name=secret_value
#username
abc=bcd
#password
def=efg
The shell script should delete all values after reading the properties file like:
New Properties file :
#docker image key
name=
#username
abc=
#password
def=
How to achieve this?
In the script, after the properties file is read, add the below command:
sed -i 's/\=.*/=/' property_file_name
I have a p12 file, which is needed to execute tests.
I added following lines to system.properties file.
javax.net.ssl.keyStoreType=pkcs12
javax.net.ssl.keyStore=C:\certs\certificate.p12
javax.net.ssl.keyStorePassword=certificate_password
It was not working, so I created jks file from certificate with keytool and set it in the same file.
javax.net.ssl.keyStore=C:\certs\keystore.jks
javax.net.ssl.keyStorePassword=certificate_password
I used CSV Data Set Config to set also alias, which is used in Keystore Configuration component, but not sure, what should be stored in csv data file, how to provide key aliasses. Options -> SSL Manager stores certificates until JMeter is closed, doesn't store those permanently.
For example you have the csv file holding aliases aliases.csv looking like:
alias1
alias2
alias3
etc.
So you can add CSV Data Set Config to read this file and store the alias value into, say alias variable
And finally you can use alias variable value in the Keystore Configuration which will refer the value of the alias from the CSV file:
More information: How to Use Multiple Certificates When Load Testing Secure Websites
for some kind of yml files that we have to store passwords (of MySQL users) we use ansible-vault encrypt to maintain some security.
The problem is every time we have to edit we are forced to input the password.
I was looking how to fix this and seems is pretty easy but I couldn't make it work yet.
I've created a file in my home directory called:
.vault_pass.txt
inside of that, I have the password. And in the ansible.cfg in my repository I have the variable:
vault_password_file = ~/.vault_pass.txt
Didn't work as expected. So I tried to force ansible-vault command to read the file with this parameter
# ansible-vault decrypt --vault-password-file ~/.vault_pass.txt vars/vars-mysql-config.yml
Output error:
ERROR! input is not vault encrypted data for vars/vars-mysql-config.yml
It seems I forgot something here but I wasn't able to find the right info.
Anyone has any idea about that?
Thanks guys!
I guess you misuse decrypt command instead of view.
To view encrypted file use view:
ansible-vault view --vault-password-file ~/.vault_pass.txt vars/vars-mysql-config.yml
If you want to decrypt the file and leave it in plain text, use decrypt:
ansible-vault decrypt --vault-password-file ~/.vault_pass.txt vars/vars-mysql-config.yml
If you try to run decrypt command second time, it will give you expected error:
ERROR! input is not vault encrypted data for vars/vars-mysql-config.yml
because file is already plain-texted.