Good day,
We were attempting to secure passwords appearing in files.
In the node manifest we changed
$password = lookup("user_cred.${username}.${domain_lookup}.password"))
to
$password = Sensitive(lookup(
"user_cred.${username}.${domain_lookup}.password"))
In the resources file it correctly redacted the password, but when i open
C:\ProgramData\PuppetLabs\puppet\var\client_data\catalog\<node>.json
It shows the password in plain text under the section
/etc/puppetlabs/code/environments/sensitive/site/profile/manifests/windows/domain/join.pp
but still redacted under the section
/etc/puppetlabs/code/environments/sensitive/modules/domain_membership/manifests/init.pp
How can redact the password in all locations?
Any help is greatly appreciated, thank you very much.
Jason
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/ed5873cf-a60b-4b66-b3f2-ad7f7714f9c3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
