Chef focuses identity management on projects in IAM revamp

Chef logo

Chef has lifted the cloche off a revamp of its Chef Automate Identity and Access features, finally putting it into general availability after just over a year in beta.

The config management company said its Identity and Access Management Version 2, brings an enterprise-grade “role based access control framework and project scoped access control capabilities”, allowing admins to “delegate system management responsibilities more easily”.

In a blog post, Chef Automate product manager Natalie Fisher wrote that the new IAM setup “builds on existing LDAP and SAML integrations by introducing enhanced multi-statement policies and role-based access control with a set of built-in roles to simplify typical security configurations.”

It features five default roles, while “Custom IAM roles are also supported via the REST API and can include over 130 individual IAM actions that we upgraded to support fine-grained access control and delegation of specific responsibilities.”

The key new feature is IAM Projects, “which work in conjunction with IAM roles providing complete role and project-scoped access control in Chef Automate. This introduces a new project admin role that allows for global administrators to delegate management responsibilities more easily.”

The new version also brings IAM projects, “which work in conjunction with IAM roles providing complete role and project-scoped access control in Chef Automate.”

There is currently a limit of 300 projects, Chef said, “while we continue to refine the user experience.”

In other Chef news, the vendor said it had been working to get uptospeed with Apple’s Notarization Prerequisites for macOS Catalina, which require “that all Mac software distributed outside the Mac App Store must be notarized by Apple in order to run by default on macOS Catalina.”

Chef Workstation engineering manager, John Morrow, wrote in a blog, “Chef has been working to make sure our software is compatible with these required changes and we expect little to no customer impact. You will see these changes roll out starting today for Chef Workstation. Our other Chef products will include these changes in their next scheduled release, according to their respective normal release cadence.”

But, he added, “This kind of change can be hard to test for all usage scenarios, so there may be some impact if we have missed something”