Error -- : Ridley::Errors::HTTPForbidden: {"error":["missing create permission"]}


#1

berks version - 4.0.1
chefdk 0.10.0

“berks upload --no-ssl-verify” command throws below error.

Error – : Ridley::Errors::HTTPForbidden: {“error”:[“missing create permission”]}

knife.rb

current_dir = File.dirname(FILE)
log_level :info
log_location STDOUT
node_name "testclient"
client_key "#{current_dir}/testclient.pem"
validation_client_name "chef12-validator"
validation_key “#{current_dir}/chef12-validator.pem"
chef_server_url “https://52.34.xxx.xxx:443/organizations/chef12"
cookbook_path [”#{current_dir}/…/cookbooks”]
no_proxy “chef_server.corp.com”

testclient client node has full permissions (read, grant, upload, delete) for all modules (admins, users, delivery).

Please advise on what else need to be done for uploading cookbooks using berks.

The below knife cookbook command works fine:
Knife cookbook upload appvance2 --user delivery --key …/…/.chef/delivery.pem

Thanks much.

Regards,
Srikar


#2

The error you got definitely means your user is missing permissions. You could be running berks as a different user than you thought, or that user doesn’t have the create permission on the cookbooks container.


#3

Thanks much for the help. The issue is resolved.

I updated the knife.rb with the user that works for “knife cookbook upload …” command and “berks upload” works as well.

node_name "delivery"
client_key “#{current_dir}/delivery.pem”

difference between these users:

“testclient” is a client with full permissions
"delivery" is listed as a user and shows up in the ‘Administration’ tab of chef server UI


#4

After reading this line from you twice, I went back and did better google search.
The below discussion has more insights on users/clients/cookbook container/chef-server internals; that you contributed in Oct, 15: