Since Puppet is so integral to the environment and has the ability to change the configuration of any system, it is vital that we protect it from potential attacks.

Luckily, the default out-of-the-box configuration is very secure. However, if we wish to approach advanced scenarios or extend Puppet, we might get into situations that warrant changing defaults.

Additionally, as our environment grows and becomes more complex, it makes sense to start to investigate ways to automate Puppet itself. Autosign has many tools available to make this easier for us.

Now that we've secured the Puppet Master software, in the next chapter, we'll move on to examine how community-contributed modules can help us with security, as well as getting us up to speed ...