Provisioning AWS resources from Hiera data
There's nothing wrong with managing AWS resources directly in the code, as we've done in the previous examples, but we can do just a little bit better.
In Chapter 6, Managing data with Hiera, we saw how to create Puppet resources directly from Hiera data. In that example (Building resources from Hiera hashes), we stored all the users for our infrastructure in a Hiera hash called users
, and then used the each
keyword to iterate over that hash, creating a user resource for each user. Here's the example code again (hiera_users2.pp
):
lookup('users2', Hash, 'hash').each | String $username, Hash $attrs | { user { $username: * => $attrs, } }
The magic *
character (the attribute splat operator) tells Puppet to use the contents of the $attrs
hash as the attributes of the resource.
The advantage of describing resources as Hiera data is that when we come to add a new user, or change the details for an existing user, we don't need to touch Puppet code...