Ohai chefs,
I’ve been reviewing the following document ChefServerPermissions_v1.3.pdfhttps://github.com/chef/chef-server/blob/master/doc/ChefServerPermissions_v1.3.pdf and have a few questions around the purpose of some chef objects (and their related containers) on the chef server.
The document lists all the default containers (which relate to chef objects) that exist today:
clients
containers
cookbooks
data
environments
groups
nodes
roles
sandboxes
policies
policy_groups
cookbook_artifacts
Most chef object seem pretty obvious but except for data, sandboxes, and cookbook_artifacts objects.
Is data object simply a data bag?
What are sandboxes and cookbook_artifacts objects? If an user only had read access to these type of objects what wouldn’t they be able to do when using knife commands?
-Phil
Philip Oliva
Senior Infrastructure Software Developer
BlackBerry Ltd.
"Fail quick, fail often, recover quickly"
http://ca.linkedin.com/pub/philip-oliva/67/74/10