github.com/muratcelep/terraform@v1.1.0-beta2-not-internal-4/website/docs/language/resources/provisioners/puppet.html.md

github.com/muratcelep/terraform@v1.1.0-beta2-not-internal-4/website/docs/language/resources/provisioners/puppet.html.md (about)

     1  ---
     2  layout: "language"
     3  page_title: "Provisioner: puppet"
     4  sidebar_current: "docs-provisioners-puppet"
     5  description: |-
     6    The `puppet` provisioner installs, configures and runs the Puppet agent on a resource.
     7  ---
     8  
     9  # Puppet Provisioner
    10  
    11  The `puppet` provisioner installs, configures and runs the Puppet agent on a
    12  remote resource. The `puppet` provisioner supports both `ssh` and `winrm` type
    13  [connections](/docs/language/resources/provisioners/connection.html).
    14  
    15  !> **Note:** This provisioner was removed in the 0.15.0 version of Terraform after being deprecated as of Terraform 0.13.4. For most common situations there are better alternatives to using provisioners. For more information, see [the main Provisioners page](./).
    16  
    17  ## Requirements
    18  
    19  The `puppet` provisioner has some prerequisites for specific connection types:
    20  
    21  * For `ssh` type connections, `cURL` must be available on the remote host.
    22  * For `winrm` connections, `PowerShell 2.0` must be available on the remote host.
    23  
    24  Without these prerequisites, your provisioning execution will fail.
    25  
    26  Additionally, the `puppet` provisioner requires
    27  [Bolt](https://puppet.com/docs/bolt/latest/bolt.html) to be installed on your workstation
    28  with the following [modules
    29  installed](https://puppet.com/docs/bolt/latest/bolt_installing_modules.html#install-modules)
    30  
    31  * `danieldreier/autosign`
    32  * `puppetlabs/puppet_agent`
    33  
    34  ## Example usage
    35  
    36  ```hcl
    37  resource "aws_instance" "web" {
    38    # ...
    39  
    40    provisioner "puppet" {
    41      server             = aws_instance.puppetmaster.public_dns
    42      server_user        = "ubuntu"
    43      extension_requests = {
    44        pp_role = "webserver"
    45      }
    46    }
    47  }
    48  ```
    49  
    50  ## Argument Reference
    51  
    52  The following arguments are supported:
    53  
    54  * `server (string)` - (Required) The FQDN of the Puppet master that the agent
    55    is to connect to.
    56  
    57  * `server_user (string)` - (Optional) The user that Bolt should connect to the
    58    server as (defaults to `root`).
    59  
    60  * `os_type (string)` - (Optional) The OS type of the resource. Valid options
    61    are: `linux` and `windows`. If not supplied, the connection type will be used
    62    to determine the OS type (`ssh` will assume `linux` and `winrm` will assume
    63    `windows`).
    64  
    65  * `use_sudo (boolean)` - (Optional) If `true`, commands run on the resource
    66    will have their privileges elevated with sudo (defaults to `true` when the OS
    67    type is `linux` and `false` when the OS type is `windows`).
    68  
    69  * `autosign (boolean)` - (Optional) Set to `true` if the Puppet master is using an autosigner such as
    70    [Daniel Dreier's policy-based autosigning
    71    tool](https://danieldreier.github.io/autosign). If `false` new agent certificate requests will have to be signed manually (defaults to `true`).
    72  
    73  * `open_source (boolean)` - (Optional) If `true` the provisioner uses an open source Puppet compatible agent install method (push via the Bolt agent install task). If `false` the simplified Puppet Enterprise installer will pull the agent from the Puppet master (defaults to `true`).
    74  
    75  * `certname (string)` - (Optional) The Subject CN used when requesting
    76    a certificate from the Puppet master CA (defaults to the FQDN of the
    77    resource).
    78  
    79  * `extension_requests (map)` - (Optional) A map of [extension 
    80    requests](https://puppet.com/docs/puppet/latest/ssl_attributes_extensions.html#concept-932)
    81    to be embedded in the certificate signing request before it is sent to the
    82    Puppet master CA and then transferred to the final certificate when the CSR
    83    is signed. These become available during Puppet agent runs as [trusted facts](https://puppet.com/docs/puppet/latest/lang_facts_and_builtin_vars.html#trusted-facts). Friendly names for common extensions such as pp_role and pp_environment have [been predefined](https://puppet.com/docs/puppet/latest/ssl_attributes_extensions.html#recommended-oids-for-extensions).
    84  
    85  * `custom_attributes (map)` - (Optional) A map of [custom
    86    attributes](https://puppet.com/docs/puppet/latest/ssl_attributes_extensions.html#concept-5488)
    87    to be embedded in the certificate signing request before it is sent to the
    88    Puppet master CA.
    89  
    90  * `environment (string)` - (Optional) The name of the Puppet environment that the
    91    Puppet agent will be running in (defaults to `production`).
    92  
    93  * `bolt_timeout (string)` - (Optional) The timeout to wait for Bolt tasks to
    94    complete. This should be specified as a string like `30s` or `5m` (defaults
    95    to `5m` - 5 minutes).