2015-05-08 13:45:31 +02:00
---
layout: "docs"
2015-05-08 23:25:24 +02:00
page_title: "Provisioner: chef"
sidebar_current: "docs-provisioners-chef"
2015-05-08 13:45:31 +02:00
description: |-
2015-05-08 23:25:24 +02:00
The `chef` provisioner invokes a Chef Client run on a remote resource after first installing and configuring Chef Client on the remote resource. The `chef` provisioner supports both `ssh` and `winrm` type connections.
2015-05-08 13:45:31 +02:00
---
2015-05-08 23:25:24 +02:00
# Chef Provisioner
2015-05-08 13:45:31 +02:00
2015-05-08 23:25:24 +02:00
The `chef` provisioner invokes a Chef Client run on a remote resource after first installing
and configuring Chef Client on the remote resource. The `chef` provisioner supports both `ssh`
and `winrm` type [connections ](/docs/provisioners/connection.html ).
## Requirements
In order for the `chef` provisioner to work properly, you need either `cURL` (when using
a `ssh` type connection) or `PowerShell 2.0` (when using a `winrm` type connection) to be
available on the target machine.
2015-05-08 13:45:31 +02:00
## Example usage
```
# Start a initial chef run on a resource
resource "aws_instance" "web" {
...
2015-05-08 23:25:24 +02:00
provisioner "chef" {
2016-06-29 16:27:48 +02:00
attributes_json = < < -EOF
2016-01-29 18:41:14 +01:00
{
"key": "value",
"app": {
"cluster1": {
"nodes": [
"webserver1",
"webserver2"
]
2015-05-08 13:45:31 +02:00
}
}
}
2016-01-29 18:41:14 +01:00
EOF
2015-05-08 13:45:31 +02:00
environment = "_default"
run_list = ["cookbook::recipe"]
node_name = "webserver1"
2015-11-12 22:17:51 +01:00
secret_key = "${file("../encrypted_data_bag_secret")}"
2015-05-08 13:45:31 +02:00
server_url = "https://chef.company.com/organizations/org1"
2016-09-20 18:58:04 +02:00
recreate_client = true
2016-09-15 14:20:18 +02:00
user_name = "bob"
user_key = "${file("../bob.pem")}"
2015-07-09 16:12:56 +02:00
version = "12.4.1"
2015-05-08 13:45:31 +02:00
}
}
```
## Argument Reference
The following arguments are supported:
2016-02-09 11:11:46 +01:00
* `attributes_json (string)` - (Optional) A raw JSON string with initial node attributes
2016-01-29 18:41:14 +01:00
for the new node. These can also be loaded from a file on disk using the [`file()`
interpolation function](/docs/configuration/interpolation.html#file_path_).
2015-05-08 13:45:31 +02:00
2016-01-09 00:42:02 +01:00
* `client_options (array)` - (Optional) A list of optional Chef Client configuration
2016-02-04 15:31:24 +01:00
options. See the [Chef Client ](https://docs.chef.io/config_rb_client.html ) documentation for all available options.
2016-01-09 00:42:02 +01:00
* `disable_reporting (boolean)` - (Optional) If true the Chef Client will not try to send
reporting data (used by Chef Reporting) to the Chef Server (defaults false)
2015-05-08 13:45:31 +02:00
* `environment (string)` - (Optional) The Chef environment the new node will be joining
(defaults `_default` ).
2016-02-04 15:31:24 +01:00
* `fetch_chef_certificates (boolean)` (Optional) If true the SSL certificates configured
on your Chef server will be fetched and trusted. See the knife [ssl_fetch ](https://docs.chef.io/knife_ssl_fetch.html )
documentation for more details.
2015-05-08 13:45:31 +02:00
* `log_to_file (boolean)` - (Optional) If true, the output of the initial Chef Client run
will be logged to a local file instead of the console. The file will be created in a
subdirectory called `logfiles` created in your current directory. The filename will be
the `node_name` of the new node.
* `http_proxy (string)` - (Optional) The proxy server for Chef Client HTTP connections.
* `https_proxy (string)` - (Optional) The proxy server for Chef Client HTTPS connections.
* `no_proxy (array)` - (Optional) A list of URLs that should bypass the proxy.
* `node_name (string)` - (Required) The name of the node to register with the Chef Server.
2015-06-25 15:48:54 +02:00
* `ohai_hints (array)` - (Optional) A list with
[Ohai hints ](https://docs.chef.io/ohai.html#hints ) to upload to the node.
2015-06-25 14:29:48 +02:00
* `os_type (string)` - (Optional) The OS type of the node. Valid options are: `linux` and
`windows` . If not supplied the connection type will be used to determine the OS type (`ssh`
2015-09-11 20:56:20 +02:00
will assume `linux` and `winrm` will assume `windows` ).
2015-06-25 14:29:48 +02:00
2015-05-08 13:45:31 +02:00
* `prevent_sudo (boolean)` - (Optional) Prevent the use of sudo while installing, configuring
and running the initial Chef Client run. This option is only used with `ssh` type
[connections ](/docs/provisioners/connection.html ).
2016-09-15 14:20:18 +02:00
* `recreate_client (boolean)` - (Optional) If true, first delete the existing Chef Node and
Client before registering the new Chef Client.
2015-05-08 13:45:31 +02:00
* `run_list (array)` - (Required) A list with recipes that will be invoked during the initial
Chef Client run. The run-list will also be saved to the Chef Server after a successful
initial run.
2015-11-12 22:17:51 +01:00
* `secret_key (string)` - (Optional) The contents of the secret key that is used
2015-07-09 16:12:56 +02:00
by the client to decrypt data bags on the Chef Server. The key will be uploaded to the remote
2016-09-15 14:20:18 +02:00
machine. This can be loaded from a file on disk using the [`file()` interpolation
2015-11-12 22:17:51 +01:00
function](/docs/configuration/interpolation.html#file_path_).
2015-07-09 16:12:56 +02:00
2015-05-08 13:45:31 +02:00
* `server_url (string)` - (Required) The URL to the Chef server. This includes the path to
the organization. See the example.
* `skip_install (boolean)` - (Optional) Skip the installation of Chef Client on the remote
2015-05-08 23:25:24 +02:00
machine. This assumes Chef Client is already installed when you run the `chef`
2015-05-08 13:45:31 +02:00
provisioner.
2016-09-29 15:37:48 +02:00
* `skip_register (boolean)` - (Optional) Skip the registration of Chef Client on the remote
machine. This assumes Chef Client is already registered when you run the `chef`
provisioner.
2015-05-08 13:45:31 +02:00
* `ssl_verify_mode (string)` - (Optional) Use to set the verify mode for Chef Client HTTPS
requests.
2016-09-15 14:20:18 +02:00
* `user_name (string)` - (Required) The name of an existing Chef user to use for registering
the new Chef Client and (optionally) configure Chef Vaults.
2015-05-08 13:45:31 +02:00
2016-09-29 15:37:48 +02:00
* `user_key (string)` - (Required) The contents of the user key that will be used to
2016-09-15 14:20:18 +02:00
authenticate with the Chef Server. This can be loaded from a file on disk using the [`file()`
2015-11-12 22:17:51 +01:00
interpolation function](/docs/configuration/interpolation.html#file_path_).
2015-05-08 13:45:31 +02:00
2016-09-15 14:20:18 +02:00
* `vault_json (string)` - (Optional) A raw JSON string with Chef Vaults and Items to give
the new node access to. These can also be loaded from a file on disk using the [`file()
` interpolation function](/docs/configuration/interpolation.html#file_path_).
2015-05-08 13:45:31 +02:00
* `version (string)` - (Optional) The Chef Client version to install on the remote machine.
If not set the latest available version will be installed.
2015-11-12 22:17:51 +01:00
These are supported for backwards compatibility and may be removed in a
future version:
2016-09-15 14:20:18 +02:00
* `validation_client_name (string)` - __Deprecated: please use `user_name` instead__ .
* `validation_key (string)` - __Deprecated: please use `user_key` instead__ .