# Change the way Puppet Enterprise read crendential file from .fog file

By default, Puppet Enterprise read ~/.fog file to get the awsaccesskeyid and awssecretaccesskey to access AWS EC2.

The credential information is stored in the .fog file in cleartext, for security consideration, I would like to make Puppet Enterprise to obtain the credentials from another source instead of the .fog file. (By calling some APIs, not just read from another static file)

I found the source code of Puppet to read from .fog in the file, /opt/puppet/lib/ruby/gems/1.9.1/gems/fog-1.5.0/benchs/fog_vs.rb :

data = File.open(File.expand_path('~/.fog')).read
fog = Fog::AWS::S3.new(
:aws_access_key_id     => config[:aws_access_key_id],
:aws_secret_access_key => config[:aws_secret_access_key]
)


I have changed it to the format like:

data = File.open(File.expand_path('~/.fog')).read
config[:aws_access_key_id] = "11111"
config[:aws_secret_access_key] = "22222"
fog = Fog::AWS::S3.new(
:aws_access_key_id     => config[:aws_access_key_id],
:aws_secret_access_key => config[:aws_secret_access_key]
)


But the change didn't take effect, even if I have rebooted the machine.

My question is, was that due to Puppet Enterprise is compiled from the source code? How do I make the change works?