Ranked in these QuestionsQuestion Ranking
Pro Allows keeping encrypted data in ansible playbooks easily
Ansible uses configuration files called playbooks which are used to describe a policy that the remote system needs to follow. Though there is often a need to keep data from these configurations files encrypted when using source control.
Doing this in Ansible's Vault is pretty easy, simply running:
ansible-playbook site.yml --ask-vault-pass will run a playbook which uses encrypted data.
Pro The documentation does a good job on explaining how to use it
The official documentation of Ansible vault does a great job at explaining how Ansible Vault works and how to use the easy UI for encrypting, decrypting, and re-keying your secrets for storing in source control.
Con No way of exposing just the key in the key-value pair
Ansible vault files are encrypted YAML key-value stores. The entire file is encrypted, and so it's impossible to indicate which keys are defined within the vault without also viewing values.