If you're using vagrant for testing this, rather than a cloud provider, I'm simply using the default insecure keys provided by vagrant. This key can always be found at https://github.com/hashicorp/vagrant/tree/master/keys.

When adding credentials, we're also scoping our credentials. In an SSH private key credential, you begin by selecting the PEM file you wish to apply from your local hard drive. We have three available RBAC options:

• Discover data on hosts: Should this key be used to discover information?
• Run tasks on target hosts: Should this key be able to run and execute tasks?
• Escalate privileges to root: Should this user become the root user for discovery and tasks?

Finally, we have a username and passphrase. Our username is the user we want to connect as to our remote machines. As my machines are all in vagrant, vagrant is also the user I'll be connecting with. The passphrase is used to decrypt the SSH key, and is optional if your key doesn't have a passphrase like mine:

Once we've set up our first set of hosts and credentials, we'll be ready to use Puppet Discovery.