vault

@Chef

Knife


# Create a vault
knife vault create passwords root '{"username": "root", "password": "mypassword"}' -S "role:webserver"

# Re-encrypt the vault with a fresh search of nodes
knife vault refresh passwords root

# Update the search for hosts on a vault
knife vault update passwords root -S "role:webserver"

# Create a vault from a file
knife vault create certs example.com --file example.crt

Code


chef-vault cookbook


include_recipe "chef-vault"
vault = chef_vault_item(DATABAG, ITEM)

chef-vault gem


chef_gem 'chef-vault' do
  compile_time true if respond_to?(:compile_time)
end

require 'chef-vault'

item = ChefVault::Item.load("passwords", "root")
item["password"]

Links

chef vault gem
chef vault cookbook