We've reached the final post in our Ansible Vault series.  We've come a long way and have just scratched the surface on how Ansible Vault can be used to help secure automation.

You've learned to stop hardcoding passwords by encrypting entire files.  You've mastered surgical security by encrypting s...

In our last post, you learned how to create a fully encrypted file with ansible-vault create.  This is the perfect solution for grouping a set of related secrets, like all the credentials for a new SQL Server build.

But what happens when you don't need to lock down an entire file?

Sometimes, you h...

Last week, we discussed the ticking time bomb of hardcoded passwords and why secure secrets management is a non-negotiable skill for DBAs.  We identified Ansible Vault as the right tool for the job, but theory only gets you so far.

Today, we get our hands dirty.

We're going to take our first step ...

Let's be honest with each other.  We've all done it.

Whether it was a late-night deployment script, a quick and dirty data load process, or a configuration change, we've all hardcoded a password in plain text.  It feels fast.  It gets the job done.  And in that moment, it feels harmless.

But that ...