Chef Commands
This playbook runs various Chef knife commands against nodes and vaults, allowing for limited elevated access. The vault portion assumes your Chef environment includes a manually created group called admins, which is used to maintain admin access across all vaults.
The vault bag that is created contains only a simple template and would be updated manually.
---
- name: Chef Commands playbook
  # chefsvr is not defined in this playbook; it must be supplied at run time.
  hosts: "{{ chefsvr }}"
  vars:
    - chef_home: /home/chef_admin
    - chef_user: chef_admin
    # ansible_date_time is a gathered fact, so gather_facts must stay enabled.
    - time_stamp: "{{ ansible_date_time.epoch }}"
  gather_facts: True
  tasks:
  roles:
    - role: chef_node
    - role: chef_vault
      vars:
        # List of accounts to exclude from admins.
        exclude_acct_list:
          - jenkins
          - pivotal
...