Manage Data Bags

[edit on GitHub]

_images/chef_automate_full.png

Note

This topic is about using the Chef management console to manage data bags.

Data bags store global variables as JSON data. Data bags are indexed for searching and can be loaded by a cookbook or accessed during a search.

Manage

Data bags can be managed from the Chef management console web user interface.

Add Data Bag

To add a data bag:

  1. Open the Chef management console.

  2. Click Policy.

  3. Click Data Bags.

  4. Click Create.

  5. In the Create a Data Bag dialog box, enter the name of the data bag.

    _images/step_manage_webui_policy_data_bag_add.png
  6. Click Create Data Bag.

Delete Data Bag

To delete a data bag:

  1. Open the Chef management console.

  2. Click Policy.

  3. Click Data Bags.

  4. Select a data bag.

  5. Click Delete.

    _images/step_manage_webui_policy_data_bag_delete.png

Manage Items

A data bag is a container of related data bag items, where each individual data bag item is a JSON file. knife can load a data bag item by specifying the name of the data bag to which the item belongs and then the filename of the data bag item. The only structural requirement of a data bag item is that it must have an id:

{
  /* This is a supported comment style */
  // This style is also supported
  "id": "ITEM_NAME",
  "key": "value"
}

where

  • key and value are the key:value pair for each additional attribute within the data bag item
  • /* ... */ and // ... show two ways to add comments to the data bag item

Add Item

To add a data bag item:

  1. Open the Chef management console.

  2. Click Policy.

  3. Click Data Bags.

  4. Select a data bag.

  5. Click Create Item.

  6. In the Create a Data Bag Item dialog box, enter the data bag identifier, and then JSON data that defines the data bag item.

    _images/step_manage_webui_policy_data_bag_add_item.png
  7. Click Create Data Bag Item.

Delete Item

To delete a data bag item:

  1. Open the Chef management console.

  2. Click Policy.

  3. Click Data Bags.

  4. Select a data bag.

  5. Select the Items tab.

  6. Select a data bag.

  7. Click Delete.

    _images/step_manage_webui_policy_data_bag_delete_item.png

Edit Item

To edit a data bag item:

  1. Open the Chef management console.

  2. Click Policy.

  3. Click Data Bags.

  4. Select a data bag.

  5. Select the Items tab.

  6. Select a data bag.

  7. Click Edit.

    _images/step_manage_webui_policy_data_bag_edit_item.png
  8. Make your changes.

  9. Click Save Item.

View Item

To view data bag items for a data bag:

  1. Open the Chef management console.
  2. Click Policy.
  3. Click Data Bags.
  4. Select a data bag.
  5. Select the Items tab.

Manage Permissions

Permissions are used in the Chef server to define how users and groups can interact with objects on the server. Permissions are configured per-organization.

The Chef server includes the following object permissions:

Permission Description
Delete Use the Delete permission to define which users and groups may delete an object. This permission is required for any user who uses the knife [object] delete [object_name] argument to interact with objects on the Chef server.
Grant Use the Grant permission to define which users and groups may configure permissions on an object. This permission is required for any user who configures permissions using the Administration tab in the Chef management console.
Read Use the Read permission to define which users and groups may view the details of an object. This permission is required for any user who uses the knife [object] show [object_name] argument to interact with objects on the Chef server.
Update Use the Update permission to define which users and groups may edit the details of an object. This permission is required for any user who uses the knife [object] edit [object_name] argument to interact with objects on the Chef server and for any chef-client to save node data to the Chef server at the conclusion of a chef-client run.

Set

To set permissions list for a data bag object:

  1. Open the Chef management console.
  2. Click Policy.
  3. Click Data Bags.
  4. Select a data bag.
  5. Click the Permissions tab.
  6. For each group listed under Name, select or de-select the Read, Update, Delete, and Grant permissions.

Update

To update the permissions list for a data bag object:

  1. Open the Chef management console.
  2. Click Policy.
  3. Click Data Bags.
  4. Select a data bag.
  5. Click the Permissions tab.
  6. Click the + Add button and enter the name of the user or group to be added.
  7. Select or de-select Read, Update, Delete, and Grant to update the permissions list for the user or group.

View

To view permissions for a data bag object:

  1. Open the Chef management console.
  2. Click Policy.
  3. Click Data Bags.
  4. Select a data bag.
  5. Click the Permissions tab.
  6. Set the appropriate permissions: Read, Update, Delete, and Grant.