On chef-server I have a group provisioners for users who should have permissions to bootstrap and provision nodes, so-called validator-less.
While bootstrapping a machine, knife tries to create a new client and node on the Chef server. The problem is with the ACL for that group. In the Global Permissions section I can find the container and grant create permission only for nodes but not for clients. That's why knife bootstrap fails with:
Creating new client for node-01
ERROR: You authenticated successfully to https://chef-server:443/organizations/test as mlanin but you are not authorized for this action
Response: missing create permission
How can I grant create permissions for clients?
You'll need to edit the ACLs directly via either the knife-acl plugin or knife edit .../_acl.json. The UI hides some permissions stuff to avoid being over-complicated.
Refer to: https://github.com/chef/knife-acl
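An added example, not part of the original answer and not code from Chef or knife-acl: it shows the shape of the ACL document you end up editing and adds the provisioners group to the create entry only, leaving grant and the other permissions untouched. The sample ACL, its actor and group names other than provisioners, and the helper names grant_group and permissions_of are constructed for illustration.

```ruby
require 'json'

# Constructed sample ACL for the clients container (not taken from a real server).
# One access control entry per permission, each listing actors and groups.
SAMPLE_CLIENTS_ACL = <<~JSON
  {
    "create": { "actors": ["pivotal"], "groups": ["admins"] },
    "read":   { "actors": ["pivotal"], "groups": ["admins"] },
    "update": { "actors": ["pivotal"], "groups": ["admins"] },
    "delete": { "actors": ["pivotal"], "groups": ["admins"] },
    "grant":  { "actors": ["pivotal"], "groups": ["admins"] }
  }
JSON

PERMISSIONS = %w[create read update delete grant].freeze

# Hypothetical helper: return a copy of the ACL with `group` added to the
# listed permissions only. Adding a group that is already present is a no-op.
def grant_group(acl, group, perms)
  unknown = perms - PERMISSIONS
  raise ArgumentError, "unknown permission(s): #{unknown.join(', ')}" unless unknown.empty?

  updated = JSON.parse(JSON.generate(acl)) # deep copy, input stays untouched
  perms.each do |perm|
    ace = (updated[perm] ||= { 'actors' => [], 'groups' => [] })
    ace['groups'] = (ace['groups'] || []) | [group]
  end
  updated
end

# Hypothetical helper: list the permissions a group holds, for review before saving.
def permissions_of(acl, group)
  PERMISSIONS.select { |perm| acl.dig(perm, 'groups').to_a.include?(group) }
end

def demo
  acl = JSON.parse(SAMPLE_CLIENTS_ACL)
  updated = grant_group(acl, 'provisioners', %w[create])
  { before: permissions_of(acl, 'provisioners'),
    after: permissions_of(updated, 'provisioners'),
    acl: updated }
end

puts JSON.pretty_generate(demo[:acl]) if $PROGRAM_NAME == __FILE__
```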