I have created a new group called 'helpers' in chef server via the web console. This group should to be able to boostrap a node and to be able to read-only any object. However, I am getting the following error when trying to bootstrap a node.
ERROR: You authenticated successfully to URL as USER but you are not authorized to this action
Response: missing create permission
How can I give this 'create permission' to the new group 'helpers'. I do not seem to be able to do that via the web console?
At the web console 'helpers' have been included with the boxes clicked for List and Create for the nodes.
The desired result can be achieved using the permission system. Create a group named "bootstrap". Add that group to the "create" permission of the "clients" container. Then add appropriate users to the bootstrap group.
Of course, the WebUI did not allow me to do that, so I had to install knife-acl:
knife acl add group helpers containers clients create,update,delete
That allows non-admins to boostrap without errors.
I will use the same concept to permit read only to the other containers like cookbooks, roles, etc.