That is exactly what I’m looking now! Thanks! I’m actually new to this paradigm. How is it more secure than storing password in plain text? I mean, in your application, you’ll have to store a token or something, so you can query Vault server, right? If an attacker have access to the server, it can query the Vault server with the token, retrieving relevant secrets, no?

Thanks. I would still have to store ansible-vault password locally or something like that, no?

Thanks for the answer. I’m actually deploying to a local Linux server. Is there any tool I could use?