I am was trying to write some ansible playbooks and got confused with ask_pass and ask_sudo_pass. Can anyone give me a clear idea on it?
In an inventory one provides the connection to a host, e.g.
[local_test]
test-host ansible_ssh_user=some_user ansible_host=192.168.0.2
Note that no password or key is given in the inventory. One could provide the password of that user on the CLI by providing the argument in the command, e.g; ansible-playbook playbook.yml -i inventory ask_pass. Reason to not place the password in the inventory is when using shared files, e.g. when placing the inventory in Git.
Now, ask_sudo_pass is meant when sudo privileges are required, e.g:
---
- hosts: localhost
become: True # Execute whole playbook with root privileges
tasks:
- shell: whoami
register: me
- debug:
msg: "{{ me.stdout }}"
Output:
TASK [debug] *
ok: [localhost] =>
msg: root
TLDR: One is for asking a password for the user, the other one is asking for the password for admin privileges