Created
November 10, 2014 20:25
-
-
Save marcparadise/a762619967cfbdefed84 to your computer and use it in GitHub Desktop.
A simple shell script that will disable (or enable) C/U/D permissions on all existing data bags in your organization.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This requires the knife-acl plugin. | |
| # If you don't wish to modify permissions for all data bags, | |
| # you will need to substitute your own command for supplying the | |
| # list of data bags to modify. | |
| for bag in $(knife data bag list); do | |
| echo "Updating permissons on $bag." | |
| knife acl remove data $bag update group clients | |
| knife acl remove data $bag delete group clients | |
| knife acl remove data $bag create group clients | |
| done | |
| # To enable create/update/delete use the following instead | |
| # (again filtering or replacing the knife data bag command | |
| # as necessary) | |
| #for bag in $(knife data bag list); do | |
| # knife acl add data $bag update group clients | |
| # knife acl add data $bag delete group clients | |
| # knife acl add data $bag create group clients | |
| #done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment