A Blog

An occasional data tap into Peter Burkholder’s brain

Lambda to Defer Chef Code Evaluation

| Comments

Draft Note

TKTK: needs explanation

Don’t do this, for examplar purposes only:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
cookbook_file '/etc/chef/encrypted_data_bag_secret' do
  source 'encrypted_data_bag_secret'
end

# create an 'aws' lambda to call during converge phase
aws = lambda do
  data_bag_item(
    'encrypted', 'aws', IO.read('/etc/chef/encrypted_data_bag_secret')
  )
end

template '/home/ubuntu/.s3cfg' do
  source 's3cfg.erb'
  owner 'root'
  group 'root'
  mode 00744
  variables lazy {
    {
      aws_secret_key: aws.call['aws_secret_key'],
      aws_access_key: aws.call['aws_access_key']
    }
  }
end

Comments