I am puzzled how to secure the use of knife in open source chef. If I add a password to the user PEM I am forced to enter the password multiple times for each knife command. So that’s not a very user friendly option. Someone else suggested storing the pem on an encrypted file system/device/etc. What is the best practice to provide controlled admin access to the chef server? It’s a little unnerving that someone with a copy of any admin PEM file gains complete control over your infrastructure. I feel like I must be missing something.
Thanks,
-Joe
Archive powered by MHonArc 2.6.16.