Me too have a same doubt and need help to give permission access to a particular environment for that node and cookbook access too. Also other environment user cannot have a edit or delete permission of other users environment except their own.
In hosted chef server i have tried this because it has a RBAC , but i can't able to restrict a delete and update access of user in editing and deleting a environment and cookbooks. I created a organization,under that ivite user and add those .
So how we can authenticate ?
From: Jerry Raj email@example.com
Sent: Tuesday, 27 May 2014 1:49 PM
Subject: [chef] Restrict access to nodes
I’ve been wading through the tutorials and almost everything works just
fine. I had a question about how security works:
As far as I can tell, once a client is created from the web-UI and its
private key generated, a client can connect as any node using the
private key. Is it possible to restrict a client to using just a subset
of nodes? I’m thinking of a scenario where we want to make sure that the
nodes only have access to the runlists configured for them.