blob: aa01982e3d72c818d499aad093d0e4bfb7fde864 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
#
# Cookbook:: end_to_end
# Recipe:: chef-vault
#
# Copyright:: Copyright (c) Chef Software Inc.
#
chef_data_bag "creds"
openssl_rsa_private_key "/root/bob_bobberson.pem" do
key_length 2048
action :create
end
chef_client "bob_bobberson" do
source_key_path "/root/bob_bobberson.pem"
end
chef_node "bob_bobberson"
chef_vault_secret "super_secret_1" do
data_bag "creds"
raw_data("auth" => "1234")
admins "bob_bobberson"
search "*:*"
end
chef_vault_secret "super_secret_2" do
data_bag "creds"
raw_data("auth" => "4321")
admins "bob_bobberson"
end
ruby_block "load vault item" do
block do
begin
chef_vault_item("creds", "super_secret_1")
rescue ChefVault::Exceptions::SecretDecryption
puts "Not authorized for this key!"
end
end
action :run
end
|