The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Puppet Plugin

Puppet is one of the most mature configuration management tools.

Pre-requisites

The vault and debouncer gems must be installed and loadable from Puppet.

gem install vault
gem install debouncer

The data provider is available by installing the petems/hiera_vault module into your environment:

# puppet module install petems/hiera_vault

Hiera Configuration

Create hiera.yaml at the following path /etc/puppet/

---
version: 5
:hierarchy:
  - name: "Hiera-vault lookup"
    lookup_key: hiera_vault
    options:
      ssl_verify: false
      address: https://hvp.akeyless-security.com
      token: "<access-id>..<access-key>"
      mounts:
        secret:
          - data

Create a sample module

modules/akeyless_vault_demo
Create init.pp with the following:

class akeyless_vault_demo {
  $secret_name = "MySecret"
  $vault_lookup = lookup({"name" => $secret_name, "default_value" => "No Vault Secret Found"})
  $secret_value = $vault_lookup["data"][$secret_name]
  file { '/tmp/hello_from_akeyless':
      content => "Secret is: [${secret_value}]\n"
  }
}

Secret fetch

Retrieve the secret at the Puppet agent using the following command:

[email protected]:~# puppet agent -t
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Info: Caching catalog for ub-vm.localdomain
Info: Applying configuration version '1589275681'
Notice: /Stage[main]/Akeyless_vault_demo/File[/tmp/hello_from_akeyless]/ensure: defined content as '{md5}b1520033f813b64694200ca5264e3f79'
Notice: Applied catalog in 0.01 seconds

Present the secret value:

[email protected]:~# cat /tmp/hello_from_akeyless
Secret is: [my secret password]

📘

Plugin repo for Puppet

A hiera backend for access to secrets being stored in Vault -
https://github.com/petems/petems-hiera_vault

Updated 4 months ago

Puppet Plugin


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.