red888 red888 - 4 months ago 18
Ruby Question

Can I grant access to an entire chef_vault or only individual vault items

I'm learning chef_vault.

I can go into my vaults and grant admins and clients (nodes) access to vault items inside the vaults, but is there a way I can grant admins and clients access to an entire vault and all its contents?

Is there an mechanism to easily add and remove access to an entire vault and also view that access?

Answer

Not specifically. Every vault item is encrypted separately. You could certainly make some scripts that call knife vault update with the same access parameters for every item in a bag though.