May 30, 2013

Source config info from a Chef data bag in a knife executable script

Filed under: Amazon EC2,Chef,EC2,Ruby — Srinivas @ 03:59

It's nice not to have to hardcode config info into multiple scripts. A clean way to do this is to use Knife data bags. This way, config information can be shared between cookbooks run on Chef-managed instances and also used in one-off scripts run from your Chef management box.

The trick is to use ‘Chef::DataBagItem’ in your script and execute the script via “knife exec scriptname.rb”. The script then runs with your Chef login info: it authenticates to your Chef server, reads the data bag, and pulls the keys from it into your local script.

See this gist, which shows how to source your AWS EC2 credentials from a data bag (the script itself only emulates the stock ‘ec2-describe-regions’ command).

Run the script via “knife exec /pathto/awscreds_from_databag.rb”.
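A sketch of the credential-loading part of such a script, added here as an example (it is not the gist referenced above). The data bag name, item name and key names are assumptions; the loader is passed in so the validation and masking logic can be exercised without a Chef server.

```ruby
# awscreds_from_databag.rb -- added example; run with: knife exec awscreds_from_databag.rb
# Assumed (not from the original post): data bag "aws", item "ec2_credentials",
# and the key names listed in REQUIRED_KEYS.
BAG  = 'aws'
ITEM = 'ec2_credentials'
REQUIRED_KEYS = %w[aws_access_key_id aws_secret_access_key].freeze

# Fetch the item through the supplied loader and return only the required keys.
# Under knife exec the loader is Chef::DataBagItem.load, which authenticates to
# the Chef server with the identity configured in knife.rb.
def fetch_aws_credentials(bag, item, loader)
  data = loader.call(bag, item)
  raise ArgumentError, "data bag item #{bag}/#{item} not found" if data.nil?

  data = data.to_hash
  missing = REQUIRED_KEYS.reject { |k| data[k].is_a?(String) && !data[k].strip.empty? }
  raise KeyError, "#{bag}/#{item} is missing: #{missing.join(', ')}" unless missing.empty?

  REQUIRED_KEYS.each_with_object({}) { |k, creds| creds[k] = data[k].strip }
end

# Mask a value for log output: keep the last four characters only.
def mask(value)
  return '*' * value.length if value.length <= 4

  ('*' * (value.length - 4)) + value[-4..-1]
end

# Safe one-line summary: key id masked, secret never printed.
def describe_credentials(creds)
  "access key #{mask(creds['aws_access_key_id'])}, secret key loaded"
end

# Only runs inside knife exec, where the Chef classes are already loaded.
if defined?(Chef::DataBagItem)
  creds = fetch_aws_credentials(BAG, ITEM, Chef::DataBagItem.method(:load))
  puts describe_credentials(creds)
  # Hand creds to the EC2 client of your choice here instead of hardcoding keys.
end
```

Plain data bag items are stored unencrypted on the Chef server and can be read by any API client permitted to read the bag; for long-lived AWS keys, an encrypted data bag loaded with `Chef::EncryptedDataBagItem.load` is the usual alternative.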

