Deploy `/etc/vault.d/vault.env` to enable AWS KMS.

Kazuhiro MUSASHI 2024-07-15 21:28:07 +09:00
parent 44ca217183
commit e21fa08291
1 changed files with 10 additions and 0 deletions


@ -9,6 +9,16 @@ template '/etc/vault.d/vault.hcl' do
notifies :restart, 'service[vault]' notifies :restart, 'service[vault]'
end end
encrypted_remote_file '/etc/vault.d/vault.env' do
owner 'vault'
group 'vault'
mode '600'
source 'files/etc/vault.d/vault.env'
password ENV['ITAMAE_PASSWORD']
notifies :restart, 'service[vault]'
end
directory '/etc/vault.d/policies' do directory '/etc/vault.d/policies' do
owner 'vault' owner 'vault'
group 'vault' group 'vault'
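Review bot: `password ENV['ITAMAE_PASSWORD']` in the new `encrypted_remote_file` block passes nil when the variable is not set, so a run without it presumably fails only at decryption time, with an error that may not name the cause. `password ENV.fetch('ITAMAE_PASSWORD')` would stop the recipe with a KeyError that names the missing variable before anything is written to `/etc/vault.d/vault.env`. A one-line comment above the block would also help the next reader, for example `# vault.env: environment for the vault service (AWS KMS); kept encrypted in the repo, decrypted with ITAMAE_PASSWORD`. The added block is complete within the hunk; the `directory` block that follows it continues outside.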