chef-guard-cookbook

The Chef-Guard cookbook installs and configures Chef-Guard into your environment.

Attributes

Please check http://xanzy.io/projects/chef-guard for all needed details

Usage

This cookbook uses Chef-Vault to store the .pem file content, bookshelf key, and bookshelf secret. The pem file is the private key of the Chef user that Chef-Guard uses to interact with the Chef server and Supermarket. Bookshelf is an internal component of your Chef installation and is used to store uploaded cookbook files.

Please see the following examples for creating the vault items:

knife vault create chef-guard chef.pem -M client -S "name:some-node-search" -A your-chef-username --file chef.pem

The bookshelf keys are created by Chef during install time and are saved in either /etc/chef-server/chef-server-secrets.json (for Open Source Chef) or /etc/opscode/private-chef-secrets.json (for Enterpise Chef and Chef 12) and look something like this in those files:

 "bookshelf": {
    "access_key_id": "xxxxxx",
    "secret_access_key": "yyyyyy"
 }

So just get the keys from one of those files and create the vault like this to get yourself going:

knife vault create chef-guard chef.bookshelf -M client -S "name:some-node-search" -A your-chef-username '{"key":"xxxxxx","secret":"yyyyyy"}'

from https://github.com/xanzy/chef-guard-cookbook