access environment.yaml data from the hooks

Mark Shuttleworth mark at
Fri Jul 11 11:21:53 UTC 2014

On 11/07/14 09:44, Tudor Rogoz wrote:
> Is it possible to access the juju environment properties directly from the hooks?
> More precisely, I want to have access to the AWS credentials (defined in the environments.yaml file) directly from the hooks, is this possible? I can workaround the situation, by defining specific config properties  and duplicate the information there and this way I can get the data by calling 'config-get' function.But I'm just thinking if maybe it would be a cleaner way to achieve this.Ideas?

A key concern with this would be data security: if any charm hook can
see these credentials, then you'd have to trust every charm not to abuse

Imagine you find a really useful charm online. The beauty of Juju is
that you can pretty much just reuse it without having to peek inside too
much. You'll know what it sees because it sees what it manages, but if
it could also see your cloud credentials...

If what you want to achieve is the ability for a service to do things
like scale out or deploy other services, then I think this can be
achieved by having your charm talk to the state server (which knows
those credentials) and having that act on its behalf. Would that help
your use case?


More information about the Juju mailing list