In particular, is a chef server “user” an API “client” too?
On 12/01/14 10:14, Meng Hu wrote:
In particular, is a chef server "user" an API "client" too?
Yes, you can use the user's certificate to talk to the API.
We had a misunderstanding there and used for each of us a user for the
web interface and a client for knife (for a long time). This made no
problems, until we started using chef-vault which then got confused (and
preferred the user's certificate).
So I recommend you to only use a user for your admins.
(I don't know, if there's anywhere such an official recommendation)
Steffen