[chef-dev] Re: How Secure is an encrypted data bag, really?


  • From: Joshua Miller < >
  • To: Bryan Taylor < >
  • Cc: " Dev" < >
  • Subject: [chef-dev] Re: How Secure is an encrypted data bag, really?
  • Date: Fri, 4 Oct 2013 00:06:34 -0700

Most of our dev team has full read access to our Chef repo so they can see how things work; only a few have access to the chef server production ORG on the private server.  This allows them to see the whole chef repo with roles, cookbooks, and data bags and submit pull requests without exposing our data to them.  Now if you don't keep data bags in your chef repo or you break it out, then yes, it may be of limited use.  Although if you're using hosted or private chef you could use the ACL and allow people to read the current info on the chef server but not be able to edit it.  This would mean encrypted data bags would be very useful to keep things like license keys locked down, as they would not be able to see the contents of that data.




-- 
Joshua SS Miller
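As an added illustration of the point above (example code written for this archive page, not Chef's own code): a version-1 encrypted data bag item in the shape Chef stores it, so that anyone with read access to the bag on the server sees only the item id and ciphertext, while only a node holding the shared secret can recover the license key. The item contents, the secret and the helper names are constructed for the example.

```ruby
require 'openssl'
require 'json'
require 'base64'
require 'digest'

# Constructed sample item: the kind of "license key" bag mentioned in the post.
LICENSE_ITEM = { 'id' => 'vendor_x', 'license_key' => 'ABCD-1234-EXAMPLE' }.freeze
# Constructed secret; in Chef this lives on the nodes, not in the repo.
SHARED_SECRET = 'constructed-secret-only-nodes-hold-this'

# Chef's version-1 format keys AES-256-CBC with the SHA-256 of the shared secret.
def derive_key(secret)
  Digest::SHA256.digest(secret)
end

# Encrypt one field value the way a version-1 item stores it: the JSON of
# {"json_wrapper": value} under AES-256-CBC with a fresh random IV.
def encrypt_value(value, secret)
  cipher = OpenSSL::Cipher.new('aes-256-cbc').encrypt
  cipher.key = derive_key(secret)
  iv = cipher.random_iv
  data = cipher.update(JSON.generate('json_wrapper' => value)) + cipher.final
  { 'encrypted_data' => Base64.strict_encode64(data),
    'iv' => Base64.strict_encode64(iv), 'version' => 1, 'cipher' => 'aes-256-cbc' }
end

# Reverse of encrypt_value; raises on a wrong secret (bad padding or bad JSON).
def decrypt_value(field, secret)
  cipher = OpenSSL::Cipher.new(field['cipher']).decrypt
  cipher.key = derive_key(secret)
  cipher.iv = Base64.decode64(field['iv'])
  data = cipher.update(Base64.decode64(field['encrypted_data'])) + cipher.final
  JSON.parse(data)['json_wrapper']
end

# Every field except "id" is encrypted; "id" stays in the clear so the item
# can still be looked up by name on the server.
def encrypt_item(item, secret)
  item.to_h { |k, v| [k, k == 'id' ? v : encrypt_value(v, secret)] }
end

def decrypt_item(item, secret)
  item.to_h { |k, v| [k, k == 'id' ? v : decrypt_value(v, secret)] }
end

# What a reader with only server-side read access sees: checks that none of
# the plaintext values appear anywhere in the stored (serialized) item.
def stored_item_leaks_plaintext?(stored, plaintext_item)
  serialized = JSON.generate(stored)
  plaintext_item.reject { |k, _| k == 'id' }.values.any? { |v| serialized.include?(v) }
end
```

The secret itself is the thing to protect: a node that can decrypt the bag holds it, which is why read-only ACLs on the server limit exposure of the data, not of the key material on nodes.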

On Thursday, October 3, 2013 at 11:26 PM, Bryan Taylor wrote:

The question is really about encrypted vs regular data bags. I'm trying to find a scenario where someone can view an unencrypted data bag without being able to change cookbook contents. Unless there are such scenarios, I don't see any benefit to encrypting the data in a data bag.


Mostly your chef repo will not contain private info if you use encrypted data bags wisely.  This allows you to share it with everyone with little concern that they are going to get sensitive information.

Joshua



-- 
Joshua Miller
Sent with Sparrow

On Thursday, October 3, 2013 at 10:23 PM, Bryan Taylor wrote:


If an attacker gains access to the chef server, can they not alter cookbook code that chef clients eventually run to obtain the data bag decryption keys this way?  Is there any protection against this? If not, are there still scenarios where the encryption does add value?




