I'm guessing you're using the wrong client key. /etc/chef/client.pem is usually the client for the node rather than for your administrative user. If you don't already have the key for your user, you can log into the webui and get one here https://www.opscode.com/account/password then put that pem file in the knife.rb file as client_key.Thanks,Paul Mooring--On Wed, Jul 18, 2012 at 8:08 AM, David Montgomery < " target="_blank"> > wrote:
Here is the knife file I use. I am using the nodes key and I have a
template for the below.
log_level :info
log_location STDOUT
node_name "<%= node.name %>"
client_key "/etc/chef/client.pem"
validation_client_name "mycomany-validator"
validation_key "#{current_dir}/mycomanyi-validator.pem"
chef_server_url "https://api.opscode.com/organizations/adhui"
cache_type 'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
I can list nodes e.g.. That works.
knife node list
Yay! it works
I cant list clients.
knife client list
ERROR: You authenticated successfully tohttps://api.opscode.com/organizations/adhui as dev_tokyo_monitor but
you are not authorized for this actionResponse: Merb::ControllerExceptions::Forbidden
On Wed, Jul 18, 2012 at 10:19 PM, Bryan McLellan < " target="_blank"> > wrote:
> On Wed, Jul 18, 2012 at 10:01 AM, David Montgomery
> < " target="_blank"> > wrote:
>> In hosted chef, I went to clients and edited permissions for the
>> node. I gave all clients in groups to CRUD.I tried the individual
>> node but that did not help as well. I still get the error.
>> So....from hosted chef UI, for my monitoring server, what is the
>> proper way?
>
> You can get support from Opscode for Hosted Chef at
> http://www.opscode.com/support/.
>
> What credentials are you using with knife? Are you using the node's
> client key, or your own?
>
> It'd help if you provided steps to reproduce that showed what commands
> you were running as well.
>
> Bryan
Paul Mooring
Systems Engineer - Customer AdvocateOpscode, Inc.
Archive powered by MHonArc 2.6.16.