Using Chef encrypted data bags and Hiera-eyaml with Puppet

Some information in data bags can be safely stored in the Chef server in plain text, but under some circumstances, sensitive information might be safer if encrypted. Companies might not like production API keys, private keys, or similar sensitive content to be stored in plain text on the Chef server or on third-party services, such as GitHub. We'll see how to encrypt and decrypt data in the command line and from inside a Chef recipe.

Getting ready

To step through this recipe, you will need:

A working Chef DK installation on the workstation
A working Vagrant installation on the workstation
The Chef code (optionally) from Chapter 6, Fundamentals of Managing Servers with Chef and Puppet, Chapter ...

Get Infrastructure as Code (IAC) Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Infrastructure as Code (IAC) Cookbook by Stephane Jourdan, Pierre Pomes

Using Chef encrypted data bags and Hiera-eyaml with Puppet

Getting ready

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly