Where do you prefer to store the secret-key? Here are my problems on where to
store the key.
Storing it in chef seems kind of ridiculous because you seem to lose the
point of security. Having the key kept on the same box as your encrypted data
defeats the purpose unless I am missing something. If you do store it in Chef
where do you put it in a data bag.
Storing it as a file on the chef client means you would need to have a
snapshot of that instance when you go to deploy a new server instance.
Keeping it as an attribute in your cookbook seems like it might be the
best choice. Even though the key is now stored as plain text in your cookbook
and also in your Chef server.
Advance thanks for helping me in trying to determine where I need to keep my