<!DOCTYPE html>
<html>
<head>
<meta http-equiv='content-type' value='text/html;charset=utf8'>
<meta name='generator' value='Ronn/v0.7.3 (http://github.com/rtomayko/ronn/tree/0.7.3)'>
<title>knife-data-bag(1) - Store arbitrary data on a Chef Server</title>
<style type='text/css' media='all'>
/* style: man */
body#manpage {margin:0}
.mp {max-width:100ex;padding:0 9ex 1ex 4ex}
.mp p,.mp pre,.mp ul,.mp ol,.mp dl {margin:0 0 20px 0}
.mp h2 {margin:10px 0 0 0}
.mp > p,.mp > pre,.mp > ul,.mp > ol,.mp > dl {margin-left:8ex}
.mp h3 {margin:0 0 0 4ex}
.mp dt {margin:0;clear:left}
.mp dt.flush {float:left;width:8ex}
.mp dd {margin:0 0 0 9ex}
.mp h1,.mp h2,.mp h3,.mp h4 {clear:left}
.mp pre {margin-bottom:20px}
.mp pre+h2,.mp pre+h3 {margin-top:22px}
.mp h2+pre,.mp h3+pre {margin-top:5px}
.mp img {display:block;margin:auto}
.mp h1.man-title {display:none}
.mp,.mp code,.mp pre,.mp tt,.mp kbd,.mp samp,.mp h3,.mp h4 {font-family:monospace;font-size:14px;line-height:1.42857142857143}
.mp h2 {font-size:16px;line-height:1.25}
.mp h1 {font-size:20px;line-height:2}
.mp {text-align:justify;background:#fff}
.mp,.mp code,.mp pre,.mp pre code,.mp tt,.mp kbd,.mp samp {color:#131211}
.mp h1,.mp h2,.mp h3,.mp h4 {color:#030201}
.mp u {text-decoration:underline}
.mp code,.mp strong,.mp b {font-weight:bold;color:#131211}
.mp em,.mp var {font-style:italic;color:#232221;text-decoration:none}
.mp a,.mp a:link,.mp a:hover,.mp a code,.mp a pre,.mp a tt,.mp a kbd,.mp a samp {color:#0000ff}
.mp b.man-ref {font-weight:normal;color:#434241}
.mp pre {padding:0 4ex}
.mp pre code {font-weight:normal;color:#434241}
.mp h2+pre,h3+pre {padding-left:0}
ol.man-decor,ol.man-decor li {margin:3px 0 10px 0;padding:0;float:left;width:33%;list-style-type:none;text-transform:uppercase;color:#999;letter-spacing:1px}
ol.man-decor {width:100%}
ol.man-decor li.tl {text-align:left}
ol.man-decor li.tc {text-align:center;letter-spacing:4px}
ol.man-decor li.tr {text-align:right;float:right}
</style>
<style type='text/css' media='all'>
/* style: toc */
.man-navigation {display:block !important;position:fixed;top:0;left:113ex;height:100%;width:100%;padding:48px 0 0 0;border-left:1px solid #dbdbdb;background:#eee}
.man-navigation a,.man-navigation a:hover,.man-navigation a:link,.man-navigation a:visited {display:block;margin:0;padding:5px 2px 5px 30px;color:#999;text-decoration:none}
.man-navigation a:hover {color:#111;text-decoration:underline}
</style>
</head>
<!--
The following styles are deprecated and will be removed at some point:
div#man, div#man ol.man, div#man ol.head, div#man ol.man.
The .man-page, .man-decor, .man-head, .man-foot, .man-title, and
.man-navigation should be used instead.
-->
<body id='manpage'>
<div class='mp' id='man'>
<div class='man-navigation' style='display:none'>
<a href="#NAME">NAME</a>
<a href="#SYNOPSIS">SYNOPSIS</a>
<a href="#DESCRIPTION">DESCRIPTION</a>
<a href="#DATA-BAG-SUB-COMMANDS">DATA BAG SUB-COMMANDS</a>
<a href="#CREATE">CREATE</a>
<a href="#DELETE">DELETE</a>
<a href="#EDIT">EDIT</a>
<a href="#FROM-FILE">FROM FILE</a>
<a href="#LIST">LIST</a>
<a href="#SHOW">SHOW</a>
<a href="#ENCRYPTION-SUPPORT">ENCRYPTION SUPPORT</a>
<a href="#SEE-ALSO">SEE ALSO</a>
<a href="#AUTHOR">AUTHOR</a>
<a href="#DOCUMENTATION">DOCUMENTATION</a>
<a href="#CHEF">CHEF</a>
</div>
<ol class='man-decor man-head man head'>
<li class='tl'>knife-data-bag(1)</li>
<li class='tc'>Chef Manual</li>
<li class='tr'>knife-data-bag(1)</li>
</ol>
<h2 id="NAME">NAME</h2>
<p class="man-name">
<code>knife-data-bag</code> - <span class="man-whatis">Store arbitrary data on a Chef Server</span>
</p>
<h2 id="SYNOPSIS">SYNOPSIS</h2>
<p><strong>knife</strong> <strong>data bag</strong> <em>sub-command</em> <em>(options)</em></p>
<h2 id="DESCRIPTION">DESCRIPTION</h2>
<p>Data bags are stores of arbitrary JSON data. Each data bag is a
collection that may contain many items. Data Bag Items are indexed by
the Chef Server and can be searched via <strong>knife-search</strong>(1).</p>
<p>Data bags are available to all nodes configured by <strong>chef-client</strong>(8),
and are therefore a convenient mechanism to store global information,
such as lists of administrative accounts that should be configured on
all hosts.</p>
<h2 id="DATA-BAG-SUB-COMMANDS">DATA BAG SUB-COMMANDS</h2>
<h2 id="CREATE">CREATE</h2>
<p><strong>knife data bag create</strong> <em>bag name</em> [item id] <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>If <em>item id</em> is given, creates a new, empty data bag item and opens it for
editing in your editor. The data bag will be created if it does not
exist.</p>
<p>If <em>item id</em> is not given, the data bag will be created.</p>
<h2 id="DELETE">DELETE</h2>
<p><strong>knife data bag delete</strong> <em>bag name</em> [item id] <em>(options)</em></p>
<p>Delete a data bag, or an item from a data bag.</p>
<h2 id="EDIT">EDIT</h2>
<p><strong>knife data bag edit</strong> <em>bag name</em> <em>item id</em> <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>Edit an item in a data bag.</p>
<h2 id="FROM-FILE">FROM FILE</h2>
<p><strong>knife data bag from file</strong> <em>bag name</em> <em>file</em> <em>(options)</em></p>
<p><strong>knife data bag from file</strong> <em>bag name</em> <em>file1</em> <em>file2</em> <em>file3</em> <em>(options)</em></p>
<p><strong>knife data bag from file</strong> <em>bag name</em> <em>folder</em> <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>Load a data bag item from a JSON file. If <em>file</em> is a relative or
absolute path to the file, that file will be used. Otherwise, the <em>file</em>
parameter is treated as the base name of a data bag file in a Chef
repository, and <code>knife</code> will search for the file in
<code>./data_bags/bag_name/file</code>. For example <code>knife data bag from file users
dan.json</code> would attempt to load the file <code>./data_bags/users/dan.json</code>.</p>
<h2 id="LIST">LIST</h2>
<p><strong>knife data bag list</strong> <em>(options)</em></p>
<dl>
<dt><code>-w</code>, <code>--with-uri</code></dt><dd>Show corresponding URIs</dd>
</dl>
<p>Lists the data bags that exist on the Chef Server.</p>
<h2 id="SHOW">SHOW</h2>
<p><strong>knife data bag show BAG [ITEM]</strong> <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>Show a specific data bag or an item in a data bag. The output will be
formatted according to the --format option.</p>
<h2 id="ENCRYPTION-SUPPORT">ENCRYPTION SUPPORT</h2>
<p>Data Bag Items may be encrypted to keep their contents secret. This may
be desireable when storing sensitive information such as database
passwords, API keys, etc.</p>
<p>Data Bag Item encryption uses the AES-256 CBC symmetric key algorithm.</p>
<p><strong>CAVEATS:</strong> Keys are not encrypted; only values are encrypted. The "id"
of a Data Bag Item is not encrypted, since it is used by Chef Server to
store the item in its database. For example, given the following data bag item:
{"id": "important_passwords", "secret_password": "opensesame"}
The key "secret_password" will be visible to an evesdropper, but the
value "opensesame" will be protected. Both the key "id" and its value
"important_passwords" will be visible to an evesdropper.</p>
<p>Chef Server does not provide a secure mechanism for distributing
encryption keys.</p>
<h2 id="SEE-ALSO">SEE ALSO</h2>
<p> <strong>knife-search</strong>(1)</p>
<h2 id="AUTHOR">AUTHOR</h2>
<p> Chef was written by Adam Jacob <a href="mailto:adam@opscode.com" data-bare-link="true">adam@opscode.com</a> with many contributions from the community.</p>
<h2 id="DOCUMENTATION">DOCUMENTATION</h2>
<p> This manual page was written by Joshua Timberman <a href="mailto:joshua@opscode.com" data-bare-link="true">joshua@opscode.com</a>.
Permission is granted to copy, distribute and / or modify this document under the terms of the Apache 2.0 License.</p>
<h2 id="CHEF">CHEF</h2>
<p> Knife is distributed with Chef. http://wiki.opscode.com/display/chef/Home</p>
<ol class='man-decor man-foot man foot'>
<li class='tl'>Chef 11.6.0.rc.1</li>
<li class='tc'>July 2013</li>
<li class='tr'>knife-data-bag(1)</li>
</ol>
</div>
</body>
</html>