Chef bootstrapping question

Hi all -

I’m working on a cookbook that, when run, produces a secure jump host.

I am planning on using chef for managing user public key/nix account creation.

However - I’m trying to do my best to run this all through Test Kitchen; however, I’m not positive how to configure the chef-client cookbook attributes such that I can connect to a “test” org on a given Chef server.

In my case, the Chef server is running happily in AWS; I don’t want to continually boot/alter/bake services to just verify the configuration changes.

How do people do things like supply their validation.pem file? How do people generally test their run lists?

Are you referring to running a test in a separate Chef “Test” Organization before running it in your “regular” Chef Org?

I’m just chasing my tail a bit…

If I have something like an ASG managing my nodes, how do I get a dynamic instance to boot and register with chef?

The thing I’m struggling with is the validation.pem file. I’m not positive how to get that into the baked AMI properly.

It’s harder when it’s a shared base AMI across multiple accounts, each with their own Chef server.

Thoughts?