----- Original Message ----- > Sure, but that doesn't really address the issue (at least not > out-of-box). Hiera puts your data outside your manifests, but at > least in our case it's still in revision control. Are you putting > your Hiera data elsewhere? If so, how do you control access to it?
it would be pretty trivial to create an encrypted hiera backend that can only be decrypted by machines that have a key stored on their disks. You'd check into SCM the encrypted file and on your masters store the decrypt key -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
