Ask Your Question

standards for controlling developer access

asked 2013-09-18 20:07:39 -0500

Ash gravatar image

Does puppet have any standards on user access control to applying manifests/classes to environments/nodes? We want to restrict the ability of developers to access the production environment, as well as other projects within the development environment.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2013-09-18 22:06:18 -0500

Ancillas gravatar image

Nothing native. The only controls are OS permissions on the environment/module dirs. One successful pattern I've seen work for some groups is using a tool such as r10k.

In r10k, you have the concept of an environment (which is a git repo) and modules (in one big git repo, or in several small git repos). The environment has a file called a Puppetfile which specifies all of the modules that should be installed. When r10k is used to deploy an environment, all of the modules are downloaded.

Each branch of the environment repo is an environment. Branch level ... (more)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2013-09-18 20:07:39 -0500

Seen: 56 times

Last updated: Sep 18 '13