<!DOCTYPE html> <html> <head> <meta http-equiv='content-type' value='text/html;charset=utf8'> <meta name='generator' value='Ronn/v0.7.3 (http://github.com/rtomayko/ronn/tree/0.7.3)'> <title>knife-data-bag(1) - Store arbitrary data on a Chef Server</title> <style type='text/css' media='all'> /* style: man */ body#manpage {margin:0} .mp {max-width:100ex;padding:0 9ex 1ex 4ex} .mp p,.mp pre,.mp ul,.mp ol,.mp dl {margin:0 0 20px 0} .mp h2 {margin:10px 0 0 0} .mp > p,.mp > pre,.mp > ul,.mp > ol,.mp > dl {margin-left:8ex} .mp h3 {margin:0 0 0 4ex} .mp dt {margin:0;clear:left} .mp dt.flush {float:left;width:8ex} .mp dd {margin:0 0 0 9ex} .mp h1,.mp h2,.mp h3,.mp h4 {clear:left} .mp pre {margin-bottom:20px} .mp pre+h2,.mp pre+h3 {margin-top:22px} .mp h2+pre,.mp h3+pre {margin-top:5px} .mp img {display:block;margin:auto} .mp h1.man-title {display:none} .mp,.mp code,.mp pre,.mp tt,.mp kbd,.mp samp,.mp h3,.mp h4 {font-family:monospace;font-size:14px;line-height:1.42857142857143} .mp h2 {font-size:16px;line-height:1.25} .mp h1 {font-size:20px;line-height:2} .mp {text-align:justify;background:#fff} .mp,.mp code,.mp pre,.mp pre code,.mp tt,.mp kbd,.mp samp {color:#131211} .mp h1,.mp h2,.mp h3,.mp h4 {color:#030201} .mp u {text-decoration:underline} .mp code,.mp strong,.mp b {font-weight:bold;color:#131211} .mp em,.mp var {font-style:italic;color:#232221;text-decoration:none} .mp a,.mp a:link,.mp a:hover,.mp a code,.mp a pre,.mp a tt,.mp a kbd,.mp a samp {color:#0000ff} .mp b.man-ref {font-weight:normal;color:#434241} .mp pre {padding:0 4ex} .mp pre code {font-weight:normal;color:#434241} .mp h2+pre,h3+pre {padding-left:0} ol.man-decor,ol.man-decor li {margin:3px 0 10px 0;padding:0;float:left;width:33%;list-style-type:none;text-transform:uppercase;color:#999;letter-spacing:1px} ol.man-decor {width:100%} ol.man-decor li.tl {text-align:left} ol.man-decor li.tc {text-align:center;letter-spacing:4px} ol.man-decor li.tr {text-align:right;float:right} </style> <style type='text/css' media='all'> /* style: toc */ .man-navigation {display:block !important;position:fixed;top:0;left:113ex;height:100%;width:100%;padding:48px 0 0 0;border-left:1px solid #dbdbdb;background:#eee} .man-navigation a,.man-navigation a:hover,.man-navigation a:link,.man-navigation a:visited {display:block;margin:0;padding:5px 2px 5px 30px;color:#999;text-decoration:none} .man-navigation a:hover {color:#111;text-decoration:underline} </style> </head> <!-- The following styles are deprecated and will be removed at some point: div#man, div#man ol.man, div#man ol.head, div#man ol.man. The .man-page, .man-decor, .man-head, .man-foot, .man-title, and .man-navigation should be used instead. --> <body id='manpage'> <div class='mp' id='man'> <div class='man-navigation' style='display:none'> <a href="#NAME">NAME</a> <a href="#SYNOPSIS">SYNOPSIS</a> <a href="#DESCRIPTION">DESCRIPTION</a> <a href="#DATA-BAG-SUB-COMMANDS">DATA BAG SUB-COMMANDS</a> <a href="#CREATE">CREATE</a> <a href="#DELETE">DELETE</a> <a href="#EDIT">EDIT</a> <a href="#FROM-FILE">FROM FILE</a> <a href="#LIST">LIST</a> <a href="#SHOW">SHOW</a> <a href="#ENCRYPTION-SUPPORT">ENCRYPTION SUPPORT</a> <a href="#SEE-ALSO">SEE ALSO</a> <a href="#AUTHOR">AUTHOR</a> <a href="#DOCUMENTATION">DOCUMENTATION</a> <a href="#CHEF">CHEF</a> </div> <ol class='man-decor man-head man head'> <li class='tl'>knife-data-bag(1)</li> <li class='tc'>Chef Manual</li> <li class='tr'>knife-data-bag(1)</li> </ol> <h2 id="NAME">NAME</h2> <p class="man-name"> <code>knife-data-bag</code> - <span class="man-whatis">Store arbitrary data on a Chef Server</span> </p> <h2 id="SYNOPSIS">SYNOPSIS</h2> <p><strong>knife</strong> <strong>data bag</strong> <em>sub-command</em> <em>(options)</em></p> <h2 id="DESCRIPTION">DESCRIPTION</h2> <p>Data bags are stores of arbitrary JSON data. Each data bag is a collection that may contain many items. Data Bag Items are indexed by the Chef Server and can be searched via <strong>knife-search</strong>(1).</p> <p>Data bags are available to all nodes configured by <strong>chef-client</strong>(8), and are therefore a convenient mechanism to store global information, such as lists of administrative accounts that should be configured on all hosts.</p> <h2 id="DATA-BAG-SUB-COMMANDS">DATA BAG SUB-COMMANDS</h2> <h2 id="CREATE">CREATE</h2> <p><strong>knife data bag create</strong> <em>bag name</em> [item id] <em>(options)</em></p> <dl> <dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd> <dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt the data bag item.</dd> </dl> <p>If <em>item id</em> is given, creates a new, empty data bag item and opens it for editing in your editor. The data bag will be created if it does not exist.</p> <p>If <em>item id</em> is not given, the data bag will be created.</p> <h2 id="DELETE">DELETE</h2> <p><strong>knife data bag delete</strong> <em>bag name</em> [item id] <em>(options)</em></p> <p>Delete a data bag, or an item from a data bag.</p> <h2 id="EDIT">EDIT</h2> <p><strong>knife data bag edit</strong> <em>bag name</em> <em>item id</em> <em>(options)</em></p> <dl> <dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd> <dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt the data bag item.</dd> </dl> <p>Edit an item in a data bag.</p> <h2 id="FROM-FILE">FROM FILE</h2> <p><strong>knife data bag from file</strong> <em>bag name</em> <em>file</em> <em>(options)</em></p> <p><strong>knife data bag from file</strong> <em>bag name</em> <em>file1</em> <em>file2</em> <em>file3</em> <em>(options)</em></p> <p><strong>knife data bag from file</strong> <em>bag name</em> <em>folder</em> <em>(options)</em></p> <dl> <dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd> <dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt the data bag item.</dd> </dl> <p>Load a data bag item from a JSON file. If <em>file</em> is a relative or absolute path to the file, that file will be used. Otherwise, the <em>file</em> parameter is treated as the base name of a data bag file in a Chef repository, and <code>knife</code> will search for the file in <code>./data_bags/bag_name/file</code>. For example <code>knife data bag from file users dan.json</code> would attempt to load the file <code>./data_bags/users/dan.json</code>.</p> <h2 id="LIST">LIST</h2> <p><strong>knife data bag list</strong> <em>(options)</em></p> <dl> <dt><code>-w</code>, <code>--with-uri</code></dt><dd>Show corresponding URIs</dd> </dl> <p>Lists the data bags that exist on the Chef Server.</p> <h2 id="SHOW">SHOW</h2> <p><strong>knife data bag show BAG [ITEM]</strong> <em>(options)</em></p> <dl> <dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd> <dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt the data bag item.</dd> </dl> <p>Show a specific data bag or an item in a data bag. The output will be formatted according to the --format option.</p> <h2 id="ENCRYPTION-SUPPORT">ENCRYPTION SUPPORT</h2> <p>Data Bag Items may be encrypted to keep their contents secret. This may be desireable when storing sensitive information such as database passwords, API keys, etc.</p> <p>Data Bag Item encryption uses the AES-256 CBC symmetric key algorithm.</p> <p><strong>CAVEATS:</strong> Keys are not encrypted; only values are encrypted. The "id" of a Data Bag Item is not encrypted, since it is used by Chef Server to store the item in its database. For example, given the following data bag item: {"id": "important_passwords", "secret_password": "opensesame"} The key "secret_password" will be visible to an evesdropper, but the value "opensesame" will be protected. Both the key "id" and its value "important_passwords" will be visible to an evesdropper.</p> <p>Chef Server does not provide a secure mechanism for distributing encryption keys.</p> <h2 id="SEE-ALSO">SEE ALSO</h2> <p> <strong>knife-search</strong>(1)</p> <h2 id="AUTHOR">AUTHOR</h2> <p> Chef was written by Adam Jacob <a href="mailto:adam@opscode.com" data-bare-link="true">adam@opscode.com</a> with many contributions from the community.</p> <h2 id="DOCUMENTATION">DOCUMENTATION</h2> <p> This manual page was written by Joshua Timberman <a href="mailto:joshua@opscode.com" data-bare-link="true">joshua@opscode.com</a>. Permission is granted to copy, distribute and / or modify this document under the terms of the Apache 2.0 License.</p> <h2 id="CHEF">CHEF</h2> <p> Knife is distributed with Chef. http://wiki.opscode.com/display/chef/Home</p> <ol class='man-decor man-foot man foot'> <li class='tl'>Chef 11.6.0.rc.1</li> <li class='tc'>July 2013</li> <li class='tr'>knife-data-bag(1)</li> </ol> </div> </body> </html>