Chef role based access control for standalone server


#1

Hi Team,

please suggest me procedure and example how i can implement access control for all chef server users joining automation team. right now i am the one who is managing it and using chef admin account only.


#2

You can use active directory integration https://docs.chef.io/server_ldap.html or you can create local groups and give them appropriate access under the administration tab in chef manage.

But you really should limit the amount of people who have access to the chef server and you should have a CI/CD pipeline that uploads your cookbooks for you from a versioning system. If you have people making a lot of changes to the server directly you can have people who don't know what they are doing causing problems.


#3

Thanks Larryc for suggestion , in my setup i can see LDAP is already configured. Looking something more on technical procedure how i can implement RBAC.

I need to create local group in chef but i don't see any command option available for group using knife or chef-server-ctl command.