Chef Automate Product Announcement: Introducing Project-Scoped Access Control IAM v2.1 Beta

Chef Automate provides DevOps teams a dashboard for complete operational visibility across large scale or mission critical infrastructure. This comprehensive visibility allows developers, operations and security engineers to collaborate on delivering application & infrastructure changes at the speed of business.

Chef Automate provides real time data across the estate with intelligent access controls ensuring the right team has the right access. Our latest beta release improves identity & access management (IAM) capabilities with more granular controls. 

Our journey began with IAM 2.0 Beta Release which introduced role-based access control where customers can assign roles, such as editor, admin, etc. to individual users, teams, or tokens. 

The latest Chef Automate Identity & Access Management (IAM v2.1 Beta) release extends security coverage from role-based access control (illustrated below) to include project scoped access control beginning with six projects and support growing up to 300 projects after general availability.

As part of this IAM 2.1 Beta we’re also introducing a new project admin role to allow global admins to delegate project management responsibilities easily.

IAM v2.1 Beta: Project-scoped access control

IAM v2.1 Beta extends security in Chef Automate to include up to six projects for the first release of projects. The first GA release of IAM will support up to 300 projects.  

IAM projects are collections of resources that have been created in Chef Automate or ingested from external data providers including Chef Infra and Chef InSpec. 

Projects are used in IAM policies to reduce the scope of permissions to the resources defined in an IAM project. In this example illustrated below, if there are independent business units, such as Finance or HR, Finance users will only see and have access to data related to Finance and HR users will only have access to data related to HR. 

As part of this IAM 2.1 Beta, we are also introducing a new project admin role to allow global admins to delegate project management responsibilities easily.

Learn more

For more information about the IAM v2.1 Beta release, be sure to check out the IAM v2.1 Beta Users Guide to understand the new feature in depth and how to upgrade to the 2.1 version. Let your account team know you would like to participate in the IAM V2.1 Beta program!

To provide pre-generally available release feedback on the new IAM projects functionality we are built for IAM v2.1 Beta, please contact your account team or enter your suggestions in Chef’s Idea Portal.

Natalie Fisher
Natalie Fisher

Natalie is a Product Manager at Chef, working on Chef Automate out of Chef HQ in Seattle. She has spent 15 years in product, working in companies ranging from e-Commerce, Data Analytics, and Government.