Chef Infra Client 17.7.22 Released!

We are delighted to announce the availability of version 17.7.22 of Chef Infra Client.

Secrets Manager Integration

Improved Azure Key Vault Support

The beta secrets manager helper now supports Azure Key Vault on VMs with multiple User Assigned Managed Identities. You can now specify an identity with the client_id, object_id, and mi_res_id options. The default is the system-assigned identity, which is the same as in past releases. If you omit an option, the secrets manager uses the system-assigned identity. See the Azure docs for more information.

Fetching Secret Using Specified client_id

secret(name: "test3", service: :azure_key_vault, config: { client_id: "3fc5c05e-604c-44ef-b27b-36da9d78c470" })

Fetching Secret Using Specified object_id

secret(name: "test3", service: :azure_key_vault, config: { object_id: "3fc5c05e-604c-44ef-b27b-36da9d78c470" })

Fetching Secret Using Specified mi_res_id

secret(name: "test3", service: :azure_key_vault, config: { mi_res_id: "3fc5c05e-604c-44ef-b27b-36da9d78c470" })

Thanks for this improvement @jasonwbarnett!

Target Mode

The Target Mode beta, which executes Chef Infra on remote systems without the client installed, has bug fixes and new functionality:

  • Several bugs in Ohai preventing remote Ohai execution were resolved.
  • Added an :api platform type to enable REST APIs instead of operating systems.
  • Added support for specifying transport_protocol on targets to the Chef credential file. For example:
transport_protocol = "serial"

device = "/dev/ttyUSB0"
# ... and other Transport-specific settings

Thanks @tecracer-theinen for continually improving the Target Mode experience!

Resource Updates


The chocolatey_source resource now supports setting up authenticated sources. See the chocolatey_source resource documentation for more information on the new properties introduced to support user/password or certificate authentication. Thanks for this improvement @gep13!


Failures running the cron resource with a commented-out cron entry have been resolved. Thanks for this fix @wheatevo!


The kernel_module resource now includes an :enable action, which allows you to install a kernel module that was previously disabled. Thanks for this improvement @qubitrenegade!


The macos_userdefaults resource now uses use native macOS API calls instead of shelling out to command line tools. This complete rewrite makes setting complex data types in the resource more reliable.


Failures running the subversion resource have been resolved. Thanks for this fix @tomhughes!

Bug Fixes

  • Fixed failing knife gem installs on Windows.
  • Fixed detection of 32bit Windows applications on 64bit Windows installations in node['packages']. Thanks for this fix @knightorc!
  • Resolved Ruby deprecation warnings in Ohai on Windows and macOS hosts.

Get the Build

As always, you can download binaries directly from or by using the mixlib-install command-line utility:

$ mixlib-install download chef -v 17.7.22

Alternatively, you can install Chef Infra Client using one of the following command options:

# In Shell
$ curl | sudo bash -s -- -P chef -v 17.7.22
# In Windows Powershell
. { iwr -useb } | iex