- From: Adam Jacob <
>
- To:
- Subject: [chef] Re: sensitive data best practices
- Date: Wed, 8 Sep 2010 09:15:42 -0700
We've had a couple of different approaches. One is to store secrets
in data bags, another is to store it as node attribute data.
A third alternative would be to encrypt the data yourself, and then
deal with key distribution. You can't avoid this - at some point, if
you want the data to be both available and secure, you'll have to
encrypt it, and you'll have to distribute the keys.
Adam
On Mon, Sep 6, 2010 at 7:57 PM, Andrew Shafer
<
>
wrote:
>
>
How are people sensitive data?
>
For example 'passwords'... not just passwords for the nodes but for other
>
services like mysql that are running.
>
Anyone doing something they think is awesomely secure?
>
>
>
>
>
>
--
Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E:
Archive powered by MHonArc 2.6.16.