Book Image

Learning Puppet Security

By : Jason M Slagle, Jason Slagle
Book Image

Learning Puppet Security

By: Jason M Slagle, Jason Slagle

Overview of this book

Table of Contents (17 chapters)
Learning Puppet Security
About the Author
About the Reviewers

Change tracking with Puppet

Puppet has a variety of ways to track changes. In its normal mode of operation, Puppet will track (and correct) changes to any resources in its catalog. This is by its nature what it's designed for. This can let you know that items have changed, but at the same time let you know that you can correct them to be the way you want them to be specified.

If you don't have a set state for your resources and you just want to know whether they have changed, you can use the audit meta-parameter. There is some evidence that this will be deprecated in Puppet 4; however, it is currently still available as this book is being written.

Finally, one can use noop to monitor changes. In this mode, Puppet will report on any changes to a resource from its baseline; however, it will not make an effort to change them back.

Noop can be used in a variety of fashions and will be covered at the end of the chapter.

The following table summarizes the available change tracking options: