Credentials authenticate the Tower user to launch Ansible playbooks against inventory hosts, which can include passwords and SSH keys. You can also require the Tower user to enter a password or key phrase when a playbook launches using the credentials feature of Tower.
Create a new credential by browsing to and clicking on the Credentials link from the button.
Note
When setting up your credential, keep in mind that the user you assign must have root access or be able to use SSH to connect to the host machine.
Click the button to create a new credential.
Enter an arbitrary Name and Description for this credential based on the user you created earlier. Select the “User” radio button.
Click the button to find the user you created earlier, then select that user.
Next, select credential type Machine.
Enter the details of the appropriate authentication mechanism to use for the host you added to Tower earlier. For testing purposes, remember to use credentials for a real host that you can access via SSH. To keep things simple, rather than entering the password here, you will enter it later when a playbook launches using these credentials. Check the box Ask at runtime?.
Note
Tower supports different options for what you want to store for credentials in this box. Uploading a locked SSH key is recommended and Tower can prompt you for the SSH unlock password for use with ssh-agent when launching the job. Tower encrypts passwords and key information in the Tower database and never makes secret information visible via the API.
Click Save and your newly created credential appears.