
I want/need one of my nodes to access a data bag on my Chef server. The purpose is to get a decrypted SSH key so I can clone from a private repo. I've been trying many variations of

knife vault update data_bag item -A 'name-of-node'

But I do not see the node come up on the list of clients with access.

What am I doing wrong in this command or need to do to get this to work? I've been following this guide, but I'm not using roles.

WhyAyala

1 Answer


Figured out that this command works for updating, but it basically adds all nodes and users. Would prefer a more precise answer for just an individual node if someone has one.

knife vault update data_bag item --search '*:*' --admins me --mode client

https://github.com/chef/chef-vault/issues/181

https://github.com/chef/chef-vault/blob/master/THEORY.md

EDIT:

As the user in the comments mentioned, this too works and is more correct.

knife vault create data_bag item '{"itemname":"securepass"}' --search 'name:my-node-name' --admins me --mode client

WhyAyala
  • Try a search that zeros in on your server. --search "name:myservername" – Mark O'Connor Jan 18 '17 at 01:47
  • I will try that later when I have time and leave a comment. – WhyAyala Jan 18 '17 at 20:42
  • @MarkO'Connor That did work, I had thought I'd tried that but I must have used 'node' instead of 'name'. I thought the Chef documents said you could pass 'role', 'node', and some other option, but not name. – WhyAyala Jan 19 '17 at 21:20
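
An added example (not from the original posts or the chef-vault project): a Python check that audits who can decrypt a vault item, to confirm that the scoped `--search 'name:my-node-name'` grant is in place rather than the `*:*` one. It assumes the JSON shape of `knife vault show data_bag item -p all -F json` (keys `admins`, `clients`, `search_query`); the sample documents, the node names `build-01` and `web-02`, and the `BROAD_QUERIES` list are constructed for illustration.

```python
import json

# Constructed samples of the assumed `knife vault show ... -p all -F json` shape.
SAMPLE_BROAD = json.dumps({      # after: --search '*:*'
    "id": "item", "itemname": "securepass", "admins": ["me"],
    "clients": ["my-node-name", "build-01", "web-02"],
    "search_query": "*:*",
})
SAMPLE_SCOPED = json.dumps({     # after: --search 'name:my-node-name'
    "id": "item", "itemname": "securepass", "admins": ["me"],
    "clients": ["my-node-name"],
    "search_query": "name:my-node-name",
})

# Queries that match every node on the server (hypothetical deny-list).
BROAD_QUERIES = {"*:*", "name:*"}


def _as_set(value):
    """Normalise a missing, scalar or list field to a set of names."""
    if value is None:
        return set()
    return {value} if isinstance(value, str) else set(value)


def audit_vault_access(show_json, expected_clients, expected_admins):
    """Return findings; an empty list means access matches the intent."""
    item = json.loads(show_json)
    clients, admins = _as_set(item.get("clients")), _as_set(item.get("admins"))
    query = str(item.get("search_query") or "").strip()
    findings = []
    if query in BROAD_QUERIES:
        findings.append(f"search_query {query!r} matches every node")
    findings += [f"unexpected client: {c}" for c in sorted(clients - set(expected_clients))]
    findings += [f"expected client missing: {c}" for c in sorted(set(expected_clients) - clients)]
    findings += [f"unexpected admin: {a}" for a in sorted(admins - set(expected_admins))]
    return findings


if __name__ == "__main__":
    for label, doc in (("broad", SAMPLE_BROAD), ("scoped", SAMPLE_SCOPED)):
        print(label, audit_vault_access(doc, ["my-node-name"], ["me"]) or "OK")
```

The stored `search_query` is re-run by `knife vault refresh`, so a `*:*` query left on the item keeps granting access to nodes registered later.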