Present in the Puppet core are several configuration files that control the security and access control of the base Puppet Master. Over time, these configuration files have evolved to add more functionality and more fine-grained access controls. In addition to the main Puppet configuration file, puppet.conf
, the primary configuration files we'll examine are the files related to the authentication, file server, and autosigning configurations.
We'll cover autosigning later on in this chapter. For now, let's look at the other authentication and file server configurations.
The auth.conf
configuration file is the main file controlling access to the Puppet API resources. Internally, it is called the rest_authconfig
file because it controls access to the RESTful API that the various Puppet commands utilize to perform their functions.
Using this configuration file, you can lock down access to various endpoints. The default configuration settings...