Closed Aman1994 closed 10 months ago
we have a service window - which is the only time we're allowed to make "certain changes".. so outside that we run puppet in noop mode - to KNOW if changes occurred - but not do customer. However, some things we ARE allowed to do (add users) - outside the service window - so we specifically override noop for those.. hence this change
You could achieve this in a profile using resource overrides. See https://www.puppet.com/docs/puppet/7/lang_resources.html#adding-or-modifying-attributes
profile::maintenance_window {
include pam
if $allowed_to_modify_stuff == false {
File['access_conf'] {
noop = true,
}
}
}
…h noop false too