Secrets for Custom Salt Engine (Master side)

[jay1648]

Hello All!

I'm looking to create a Custom Salt Engine that will run on the Salt Master. Though the Salt documentation seem to suggest that Engine's configuration can be provided in the master config file (/etc/salt/master), I however don't find this very comforting to have to specify plain secrets in the master config file.

This being a master side Engine, it doesn't seem to have access to pillars, as pillars are assigned to minions only.

Are there some recommendations or any example on how best to handle secrets for Master side returners ?

Thanks in advance !

Jaydeep

[jeremy....@gmail.com]

Trust the master or despair the hall of mirrors.

[Simon Lundström]

Remember that you can include (generated) configuration files that
includes secrets so you don't have to check them into your source
control management.

See https://docs.saltproject.io/en/latest/ref/configuration/master.html#std-conf_master-include

BR,
- Simon

> --
> You received this message because you are subscribed to the Google Groups "Salt-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com<mailto:salt-users+...@googlegroups.com>.
> To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/e1a99306-c04b-4f6e-a887-5b434eed6625n%40googlegroups.com<https://groups.google.com/d/msgid/salt-users/e1a99306-c04b-4f6e-a887-5b434eed6625n%40googlegroups.com?utm_medium=email&utm_source=footer>.

[Sid Young]

You can create your own conf files and put them in /etc/salt/master.d they get read in AFTER the master conf file. Much cleaner solution.