resource_keychain.md

keychain

Use the keychain resource to manage keychains. Under the hood, the keychain resource executes the security command in the security_cmd library.

Syntax

The full syntax for all of the properties available to the keychain resource is:

keychain 'keychain name' do
  path                      String # path to selected keychain, defaults to 'name' if not specified
  password                  String # password for selected keychain
  sensitive                 Boolean # run execute resource with sensitive
end

Actions

:create

      Create a keychain as specified by the path property. This is the default action.

:delete

      Delete a keychain as specified by the path property.

:lock

      Lock a keychain as specified by the path property. If no keychain is specified, the default keychain will be locked instead.

:unlock

      Using the password property, unlock a keychain as specified by the path property. If no keychain is specified, the default keychain will be unlocked instead.

Examples

Create a keychain

keychain 'test' do
  path '/User/edward/Library/Keychains/test.keychain'
  password 'test'
  action :create
end

Delete a keychain

keychain 'test' do
  path '/User/edward/Library/Keychains/test.keychain'
  action :delete
end

Create a login keychain

keychain 'login' do
  path '/User/edward/Library/Keychains/login.keychain'
  password 'login_password'
  action :create
end

Lock a keychain

keychain 'test' do
  path '/User/edward/Library/Keychains/test.keychain'
  action :lock
end

Unlock a keychain

keychain 'test' do
  path '/User/edward/Library/Keychains/test.keychain'
  password 'test'
  action :unlock
end