Chef-client fails to save updated node, ERROR: 403 "Forbidden"

thunt_aaa · February 1, 2018, 8:01pm

I am using vagrant's chef_client provisioner with my org's validator.pem

As 'vagrant up' nears the end of the chef-client load, I get ERROR: 403 "Forbidden".

cat /var/chef/cache/chef-stacktrace.out
Generated at 2018-02-01 18:55:55 +0000
Net::HTTPServerException: 403 "Forbidden"
/opt/chef/embedded/lib/ruby/2.4.0/net/http/response.rb:122:in error!' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/http.rb:152:in request'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/http.rb:123:in put' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/node.rb:596:in save'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/client.rb:590:in save_updated_node' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/client.rb:755:in converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/client.rb:286:in run' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application.rb:292:in block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application.rb:280:in fork' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application.rb:280:in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application.rb:245:in block in run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/local_mode.rb:44:in with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application.rb:233:in run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application/client.rb:469:in sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application/client.rb:458:in block in interval_run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application/client.rb:457:in loop'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application/client.rb:457:in interval_run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application/client.rb:441:in run_application'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/lib/chef/application.rb:59:in run' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.7.16/bin/chef-client:26:in <top (required)>'
/bin/chef-client:59:in `load'

open-source chef-server used here.
The node-file with attributes is pre-loaded by administrator-user;
I understand validator identity is not admin role.

Is the 403 occurring because validator has no privie?
Or, does the node assume another idenity that is not privied?
Is there an administrative technique available to grant privies to overwrite the node?

Topic		Replies	Views
Chef Server 12.01 - Spontaneous Client ERROR: 403 "Forbidden" Chef Infra (archive)	0	695	January 2, 2015
Chef-client errors connecting to server for the first time Chef Infra (archive)	6	1561	August 9, 2012
Seeing a weird 403 Error while running recipe Chef Infra (archive)	2	1133	December 5, 2014
403 errors when bootstrapping Chef Infra (archive)	4	3468	February 20, 2013
[Solved] 403 forbbiden and missing update permission Chef Infra (archive)	1	1608	August 2, 2017

Chef-client fails to save updated node, ERROR: 403 "Forbidden"

Related Topics