Chef Ideas

We believe that the best way to build software is to do it in close collaboration with the people who use it. We invite you to submit your ideas using the form below. Please be sure to include the problem for which you are solving and the benefits of implementing the idea.

We do our best to implement as many Ideas as we can. Our Product team will evaluate all submitted ideas in a timely manner and will disposition each into one of the following categories: will integrate into the product roadmap, further research is needed, unlikely to implement.

Thanks for collaborating with us!

Add auditing ability for all node edits

Add the ability to obtain audit info on all node edits showing:

  1. a timestamp of the edit

  2. who performed the edit (Chef user/acct)

  3. what was changed

Ideally this would include when a node was initially created along with if/when a node is deleted (in case someone fat-fingers something and accidentally deletes a node).

We had a situation where ?someone? edited a node's policy and we don't know who did it and since we don't know who did it, we don't know who to ask why they did it. This broke chef-client on that node.

If an auditor asks for evidence on when changes were made to servers, we have all cookbooks, policies, and Jenkins pipeline files managed by BitBucket so we have an audit tail for those, but we've no audit info for any local node edits.

  • Tait Cyrus
  • Aug 13 2021
  • Currently Declined
Chef Infrastructure Management
  • Attach files

Related ideas