.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "KNIFE\-DATA\-BAG" "1" "July 2013" "Chef 11.6.0.rc.4" "Chef Manual"
.
.SH "NAME"
\fBknife\-data\-bag\fR \- Store arbitrary data on a Chef Server
.
.SH "SYNOPSIS"
\fBknife\fR \fBdata bag\fR \fIsub\-command\fR \fI(options)\fR
.
.SH "DESCRIPTION"
Data bags are stores of arbitrary JSON data\. Each data bag is a collection that may contain many items\. Data Bag Items are indexed by the Chef Server and can be searched via \fBknife\-search\fR(1)\.
.
.P
Data bags are available to all nodes configured by \fBchef\-client\fR(8), and are therefore a convenient mechanism to store global information, such as lists of administrative accounts that should be configured on all hosts\.
.
.SH "DATA BAG SUB\-COMMANDS"
.
.SH "CREATE"
\fBknife data bag create\fR \fIbag name\fR [item id] \fI(options)\fR
.
.TP
\fB\-s\fR, \fB\-\-secret SECRET\fR
A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\.
.
.TP
\fB\-\-secret\-file SECRET_FILE\fR
The path to a file containing the secret key to be used to encrypt the data bag item\.
.
.P
If \fIitem id\fR is given, creates a new, empty data bag item and opens it for editing in your editor\. The data bag will be created if it does not exist\.
.
.P
If \fIitem id\fR is not given, the data bag will be created\.
.
.SH "DELETE"
\fBknife data bag delete\fR \fIbag name\fR [item id] \fI(options)\fR
.
.P
Delete a data bag, or an item from a data bag\.
.
.SH "EDIT"
\fBknife data bag edit\fR \fIbag name\fR \fIitem id\fR \fI(options)\fR
.
.TP
\fB\-s\fR, \fB\-\-secret SECRET\fR
A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\.
.
.TP
\fB\-\-secret\-file SECRET_FILE\fR
The path to a file containing the secret key to be used to encrypt the data bag item\.
.
.P
Edit an item in a data bag\.
.
.SH "FROM FILE"
\fBknife data bag from file\fR \fIbag name\fR \fIfile\fR \fI(options)\fR
.
.P
\fBknife data bag from file\fR \fIbag name\fR \fIfile1\fR \fIfile2\fR \fIfile3\fR \fI(options)\fR
.
.P
\fBknife data bag from file\fR \fIbag name\fR \fIfolder\fR \fI(options)\fR
.
.TP
\fB\-s\fR, \fB\-\-secret SECRET\fR
A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\.
.
.TP
\fB\-\-secret\-file SECRET_FILE\fR
The path to a file containing the secret key to be used to encrypt the data bag item\.
.
.P
Load a data bag item from a JSON file\. If \fIfile\fR is a relative or absolute path to the file, that file will be used\. Otherwise, the \fIfile\fR parameter is treated as the base name of a data bag file in a Chef repository, and \fBknife\fR will search for the file in \fB\./data_bags/bag_name/file\fR\. For example \fBknife data bag from file users dan\.json\fR would attempt to load the file \fB\./data_bags/users/dan\.json\fR\.
.
.SH "LIST"
\fBknife data bag list\fR \fI(options)\fR
.
.TP
\fB\-w\fR, \fB\-\-with\-uri\fR
Show corresponding URIs
.
.P
Lists the data bags that exist on the Chef Server\.
.
.SH "SHOW"
\fBknife data bag show BAG [ITEM]\fR \fI(options)\fR
.
.TP
\fB\-s\fR, \fB\-\-secret SECRET\fR
A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\.
.
.TP
\fB\-\-secret\-file SECRET_FILE\fR
The path to a file containing the secret key to be used to encrypt the data bag item\.
.
.P
Show a specific data bag or an item in a data bag\. The output will be formatted according to the \-\-format option\.
.
.SH "ENCRYPTION SUPPORT"
Data Bag Items may be encrypted to keep their contents secret\. This may be desireable when storing sensitive information such as database passwords, API keys, etc\.
.
.P
Data Bag Item encryption uses the AES\-256 CBC symmetric key algorithm\.
.
.P
\fBCAVEATS:\fR Keys are not encrypted; only values are encrypted\. The "id" of a Data Bag Item is not encrypted, since it is used by Chef Server to store the item in its database\. For example, given the following data bag item: {"id": "important_passwords", "secret_password": "opensesame"} The key "secret_password" will be visible to an evesdropper, but the value "opensesame" will be protected\. Both the key "id" and its value "important_passwords" will be visible to an evesdropper\.
.
.P
Chef Server does not provide a secure mechanism for distributing encryption keys\.
.
.SH "SEE ALSO"
\fBknife\-search\fR(1)
.
.SH "AUTHOR"
Chef was written by Adam Jacob \fIadam@opscode\.com\fR with many contributions from the community\.
.
.SH "DOCUMENTATION"
This manual page was written by Joshua Timberman \fIjoshua@opscode\.com\fR\. Permission is granted to copy, distribute and / or modify this document under the terms of the Apache 2\.0 License\.
.
.SH "CHEF"
Knife is distributed with Chef\. http://wiki\.opscode\.com/display/chef/Home