On Wed, Oct 10, 2018 at 5:28 AM Thomas Müller <[email protected]> wrote:
> > > Am Dienstag, 9. Oktober 2018 14:12:39 UTC+2 schrieb comport3: >> >> Mentioned in the Puppet 6 release notes are the ability for a client to >> lookup secret data from Vault. >> >> Is there any more info on how to implement this? >> >> I have done extensive work on POC environments that use Vault as a top >> level in Hierarchy and mark the secrets as 'sensitive' so they do not >> appear in logs and reports, but do not want to continue deploying this >> methodology if it's not the way the technology is headed. >> >> https://github.com/comport3/puppet5-hiera-vault-poc >> > > from https://puppet.com/docs/puppet/6.0/using_a_deferred_function.html : > > The Forge already hosts some community modules that provide integrations >> with secret store, like the following: >> >> - >> >> Azure Key Vault: works on both the master and the server >> - >> >> Cyberark Conjur: works on the master >> - >> >> Cyberark AIM: works on the agent >> - >> >> Hashicorp Vault: works on the agent >> - >> >> AWS Secrets Manager: works on the agent >> >> but it does not directly link the modules. > Apologies for not updating the docs in the last couple of days. The agent-side Vault integration lives here: https://github.com/voxpupuli/puppet-vault_lookup (coming soon to the Forge) See also the related blog post: https://puppet.com/blog/secret-agents-man-secrets-store-integrations-puppet-6 > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/c44e5f05-fefe-40d6-90d0-4471fb33a9a0%40googlegroups.com > <https://groups.google.com/d/msgid/puppet-users/c44e5f05-fefe-40d6-90d0-4471fb33a9a0%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAPyei8XZqM5iAT6D4myoLaNH2n2n9k74yrz9UAns5abE8cvveA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
