[RFE] Do not expose VMware credentials during runtime

ansible / awx

AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for Red Hat Ansible Automation Platform.

Other

14.12k stars 3.44k forks source link

[RFE] Do not expose VMware credentials during runtime #5774

Open msilmser opened 4 years ago

msilmser commented 4 years ago

ISSUE TYPE

Feature Idea

SUMMARY

When using the dynamic inventory script for vmWare, the credentials are exposed in the runtime directory at /tmp/awx_(job id)_mzy7mgdf/artifacts/(job_id). While this is only readable by root/awx and is deleted after the sync, we should mask these in job_env similar to AWS secret key.

wenottingham commented 4 years ago

What specifically do you not want exposed in job_env?