puppetlabs-apache icon indicating copy to clipboard operation
puppetlabs-apache copied to clipboard
verified publisher icon puppetlabs

Do not reveal sensitive Data

Open cocker-cc opened this issue 1 year ago • 0 comments

To not reveal sensitive Data like f.e. the LDAP-Password,

  • either wrap the rendered Template in manifests/vhost.pp, like 
        concat::fragment { "${name}-directories":
      target  => "${priority_real}${filename}.conf",
      order   => 60,
      content => Sensitive(template('apache/vhost/_directories.erb')),
    }
    concat is able do handle Sensitive since 7.4.0.
  • or use EPP instead of ERB, as EPP does handle sensitive Data natively

cocker-cc avatar May 11 '24 12:05 cocker-cc