Add to Chrome
Add to Edge
Add to Firefox
Add to Opera
Add to Brave
Add to SafariWhen comparing Ansible Vault vs SecretHub, the Slant community recommends Ansible Vault for most people. In the question“What are the best shared secret managers?” Ansible Vault is ranked 1st while SecretHub is ranked 8th. The most important reason people chose Ansible Vault is:
The official documentation of Ansible vault does a great job at explaining how Ansible Vault works and how to use the easy UI for encrypting, decrypting, and re-keying your secrets for storing in source control.
Question Ranking
Pros
Pro The documentation does a good job on explaining how to use it
The official documentation of Ansible vault does a great job at explaining how Ansible Vault works and how to use the easy UI for encrypting, decrypting, and re-keying your secrets for storing in source control.
Pro Allows keeping encrypted data in ansible playbooks easily
Ansible uses configuration files called playbooks which are used to describe a policy that the remote system needs to follow. Though there is often a need to keep data from these configurations files encrypted when using source control.
Doing this in Ansible's Vault is pretty easy, simply running: ansible-playbook site.yml --ask-vault-pass will run a playbook which uses encrypted data.
Pro Client-side encryption
Everything is encrypted client-side. Only the people or machines you share a secret with, can decrypt it.
Pro Audit logging
Every action you or your team members perform is logged. The audit logs give you full insight into who did what, when.
Pro Open Source
All client-side code is available on GitHub.
Pro As a Service
Do not worry about hosting your secret management solution, it is provided As as Service.
Cons
Con No way of exposing just the key in the key-value pair
Ansible vault files are encrypted YAML key-value stores. The entire file is encrypted, and so it's impossible to indicate which keys are defined within the vault without also viewing values.
