A Wood Duck

Erin Call

Secrets In Source Control

This is a talk I gave to the Portland Ansible Meetup on 2015-02-26. I talked about how to use the Vault feature of Ansible to encrypt secrets like SSL keys and store them in source control. If you want to follow along with the slides, they're shared as a Google Docs presentation.

You'll want to turn up your speakers, as the audio is fairly quiet.

This talk expands on the ideas I wrote about in a blog post some time earlier. In short, I think layering asymmetric GPG encryption on top of Ansible's symmetcric AES encryption eases some usability problems with the raw Vault.