Documentation

9. Create a Credential

Credentials authenticate the Tower user to launch Ansible playbooks against inventory hosts, which can include passwords and SSH keys. You can also require the Tower user to enter a password or key phrase when a playbook launches using the credentials feature of Tower.

Create a new credential by browsing to and clicking on the Credentials link from the setup button.

Note

When setting up your credential, keep in mind that the user you assign must have root access or be able to use SSH to connect to the host machine.

Credentials - setup screen

Click the plus-button button to create a new credential.

Credentials - add credential new

Enter an arbitrary Name and Description for this credential based on the user you created earlier. Select the “User” radio button.

Credentials - click user

Click the lookup-button button to find the user you created earlier, then select that user.

Credentials - select the user for new credential

Next, select credential type Machine.

Enter the details of the appropriate authentication mechanism to use for the host you added to Tower earlier. For testing purposes, remember to use credentials for a real host that you can access via SSH. To keep things simple, rather than entering the password here, you will enter it later when a playbook launches using these credentials. Check the box Ask at runtime?.

Note

Tower supports different options for what you want to store for credentials in this box. Uploading a locked SSH key is recommended and Tower can prompt you for the SSH unlock password for use with ssh-agent when launching the job. Tower encrypts passwords and key information in the Tower database and never makes secret information visible via the API.

Credentials - check SSH password ask at runtime for new credential

Click Save and your newly created credential appears.

Credentials - index showing newly created credential