admins option seems useless #17
Labels
Triage: Support
Indicates an issue that is a support question and will be redirected to other mediums.
Comments
|
Not to mention admin seems required: module ChefVaultCookbook
module Resource
class ChefVaultSecret < Chef::Resource::LWRPBase
self.resource_name = 'chef_vault_secret'
...
attribute(:admins, kind_of: [String, Array], required: true)It was suggested that I use knife-acl to add read permissions for the users container to the client, but it doesn't look like that's possible with enterprise/hosted chef. users isn't a container, it seems to be a special object that only other users / admins can read. Not normal clients. |
|
Looks like it's a known access to user keys issue I'm guessing there aren't many folks using chef-vault (creating/encrypting in a recipe on a node) or they'd have similar issues. |
|
Can you chime in here @thommay |
tas50
added
Triage: Support
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For enterprise chef is there anyway to give clients permission to read the users endpoint? I can't find anywhere set permission for user objects on the chef server (11.14). If I set admins to anything other than '' I get a permission denied error and the chef run errors out.
The text was updated successfully, but these errors were encountered: