On Thu, Mar 10, 2016 at 12:05 PM, Johan De Wit <[email protected]> wrote:
> Hi, > > Anyone playing with the idea to manage passwords on the node by retrieving > them from an externa source like cyberark ? > > The idea is to avoid storing passwords in some 'human readable' form in eg. > hiera, manifests, catalogs, puppetdb ...... > Main concern is security. > > Why can't you store them in hiera using hiera-eyaml?, which is what most people do - so they are stored inline with the rest of your configuration but are encrypted. If you want to go the extra mile you could use Vault, there is also a hiera-vault backend, though I've not got first hand experience of that. Craig -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACxdKhF0Fk6yz%3D3Aw--VFA_DBJ1wGr0Mmfd14SezXUErn4XZNA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
