@rayterrill
Created May 22, 2018 15:18
Chef code to use AWS Secrets Manager in a Chef Recipe
# Chef code to use AWS Secrets Manager in a Chef Recipe
require 'aws-sdk'
require 'json'

include_recipe "chef-vault"

# AWS credentials for the Secrets Manager call are kept in a chef-vault item
vault = chef_vault_item(:chefsecrets, "awschefsecretsmanager")
aws_access_key = vault["access_key_id"]
aws_secret_key = vault["secret_access_key"]

client = Aws::SecretsManager::Client.new(region: 'us-west-2', access_key_id: aws_access_key, secret_access_key: aws_secret_key)

# The secret is stored as a JSON document; parse it into a hash
resp = client.get_secret_value({secret_id: 'Mongo/admin'})
password = JSON.parse(resp.secret_string)

# DO NOT DO THIS. JUST SHORTCUTTING TO MAKE SURE THINGS WORK
file '/tmp/output' do
  content "#{password['Password']}"
  mode '0755'
end
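
A safer counterpart to the debug shortcut above, added here as an example and not part of the original gist: plain Ruby that extracts the `Password` field without leaking the secret in error messages and writes it owner-only. `SecretResp`, `secret_field`, `write_secret_file` and the sample secret are hypothetical names and constructed data standing in for the real `get_secret_value` response.

```ruby
require 'json'
require 'tmpdir'

# Constructed stand-in for the response of client.get_secret_value.
SecretResp = Struct.new(:secret_string, :secret_binary)

# Extract one field from a JSON secret. Error messages never contain the
# secret text, because Chef run output usually ends up in logs.
def secret_field(resp, key)
  raise ArgumentError, 'secret has no SecretString (binary secret?)' if resp.secret_string.nil?

  data = begin
    JSON.parse(resp.secret_string)
  rescue JSON::ParserError
    # Drop the cause: the parser's own message quotes the input.
    raise ArgumentError, 'SecretString is not valid JSON', cause: nil
  end
  raise ArgumentError, 'SecretString is not a JSON object' unless data.is_a?(Hash)

  data.fetch(key) { raise KeyError, "secret has no field #{key.inspect}" }
end

# Create the file as 0600 from the first byte (O_EXCL temp file in the same
# directory), then rename over the target so no wider mode is ever visible.
def write_secret_file(path, value)
  tmp = "#{path}.#{Process.pid}.tmp"
  file = File.open(tmp, File::WRONLY | File::CREAT | File::EXCL, 0o600)
  file.write(value)
  file.close
  File.rename(tmp, path)
  path
ensure
  file.close unless file.nil? || file.closed?
  File.delete(tmp) if file && File.exist?(tmp) # only remove a temp file we created
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample secret in the shape the recipe expects ('Password' key).
  resp = SecretResp.new('{"Username":"admin","Password":"constructed-example-value"}', nil)
  Dir.mktmpdir do |dir|
    target = write_secret_file(File.join(dir, 'mongo_admin'), secret_field(resp, 'Password'))
    puts format('%s mode=%o', File.basename(target), File.stat(target).mode & 0o777)
  end
end
```

Inside a recipe, the same effect comes from the `file` resource with `mode '0600'` and `sensitive true`, which keeps the content out of the Chef run log.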