These steps will grant blanket access to the Applications view in Automate 2 for all users.
- Chef Automate 2 Installed
- curl installed and running locally.
- Chef Automate 2 | [
20200603114954]
- Create JSON policy definition in a text file (in this example, we'll call it
policy):
{
"name": "Applications Viewer",
"id": "applications-viewer-access",
"members": [
"*"
],
"statements": [
{
"effect": "ALLOW",
"actions": [
"applications:*"
],
"projects": [
"*"
]
}
]
}
- POST the policy. I used an admin token, but any token that can manage IAM policies should work:
export TOKEN=`chef-automate iam token create ADMIN_TOKEN_NAME --admin`
curl -X POST https://localhost/apis/iam/v2/policies --data-binary @./policy -k -H "api-token: $TOKEN" -v
- Double check in the interface to ensure that all members exist in policy. In the GUI: Settings -> Policies -> {Name of your policy, my example is “applications-viewer-access} -> Members
- If you need to edit membership, this can be done through the UI or set using the 'members' JSON Object.