As we discussed earlier, users of Chef can only perform actions that they are authorized to perform. There is a difference in the implementation of authorization between the Enterprise and Open Source Chef server.
The Enterprise Chef server makes use of the role-based access control model.
The Open Source Chef server, on other hand, has a fairly simple model, where there are either admin users who have the privilege to read, write, update, and delete resources, or non-admin users who have read-only access to resources on the Chef server.
Let's look at each of these in detail.
As we discussed earlier, the Open Source Chef server has a very simple model for authorization purpose. We've two sets of users: admin and non-admin. Any user with an admin privilege can read, write, update, or delete any resources on the Chef server, whereas non-admin users have read-only access to the resources on the Chef server.
When a node is registered with the Chef server through...