O'Reilly logo

Chef Infrastructure Automation Cookbook by Matthias Marschall

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using encrypted data bag items

Data bags are a great way to store user and application-specific data. Before long you'll want to store passwords and private keys in data bags as well. But, you might (and should) be worried about uploading confidential data to a Chef Server.

Chef offers encrypted data bag items to enable you to put confidential data into data bags, reducing the implied security risk.

Getting ready

Make sure you have a Chef repository and can access your Chef Server.

How to do it...

Let's create and encrypt a data bag item and see how we can use it:

  1. Create a directory for your encrypted data bag:

    mma@laptop:~/chef-repo $ mkdir data_bags/accounts
    

  2. Create a data bag item for a Google account:

    mma@laptop:~/chef-repo $ subl data_bags/accounts/google.json ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required