On Wed, Oct 10, 2018 at 5:28 AM Thomas Müller <tho...@chaschperli.ch> wrote:
> > > Am Dienstag, 9. Oktober 2018 14:12:39 UTC+2 schrieb comport3: >> >> Mentioned in the Puppet 6 release notes are the ability for a client to >> lookup secret data from Vault. >> >> Is there any more info on how to implement this? >> >> I have done extensive work on POC environments that use Vault as a top >> level in Hierarchy and mark the secrets as 'sensitive' so they do not >> appear in logs and reports, but do not want to continue deploying this >> methodology if it's not the way the technology is headed. >> >> https://github.com/comport3/puppet5-hiera-vault-poc >> > > from https://puppet.com/docs/puppet/6.0/using_a_deferred_function.html : > > The Forge already hosts some community modules that provide integrations >> with secret store, like the following: >> >> - >> >> Azure Key Vault: works on both the master and the server >> - >> >> Cyberark Conjur: works on the master >> - >> >> Cyberark AIM: works on the agent >> - >> >> Hashicorp Vault: works on the agent >> - >> >> AWS Secrets Manager: works on the agent >> >> but it does not directly link the modules. > Apologies for not updating the docs in the last couple of days. The agent-side Vault integration lives here: https://github.com/voxpupuli/puppet-vault_lookup (coming soon to the Forge) See also the related blog post: https://puppet.com/blog/secret-agents-man-secrets-store-integrations-puppet-6 > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/c44e5f05-fefe-40d6-90d0-4471fb33a9a0%40googlegroups.com > <https://groups.google.com/d/msgid/puppet-users/c44e5f05-fefe-40d6-90d0-4471fb33a9a0%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAPyei8XZqM5iAT6D4myoLaNH2n2n9k74yrz9UAns5abE8cvveA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
