Sharing sensitive variables between ansible and terraform

Simple proof of concept, how to share some sensitive variables between terraform and ansible in a way that allows committing into git, while also being reasonably easy to decrypt, and be used natively via ansible play.

Ansible

Let’s create some sensitive variables in ansible play, env-default-secure-vars.yml:

Terraform

Now let’s see how can we consume in terraform the same data ?

Summary

POC shows how you can share some of your provisioning variables with terraform and back (terraform can generate variables yml file). Might be suitable for some situations, although not the ideal.

Software engineer, with project management background. Founder @ softasap.com — cool automation for the people :) — have a problem that needs to be solved?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store