Skip to main content

Site Map

This is a site map for the following products:

This page has links to each topic in this doc set. You can also use the navigation tool or the search box to find what you're looking for.

If you need documentation for previous versions, see the Docs Archive.

Overview

Platform Overview

Community

About the Community | Community Contributions | Guidelines | Send Feedback

Packages & Platforms

Packages | Platforms | Supported Versions | Chef Software Install Script | Omnitruck API

Licensing : About Licensing | Accepting License

Style Guide

Docs Style | Chef House Style | Tools | Hugo | Markdown | Content Reuse and Shortcodes Guide

Chef Automate

Getting Started

Quick Start Demo | System Requirements | Install Guide | Airgapped Installation | Install Chef Habitat Builder On-prem | Install Chef Infra Server With Automate | Migrate from Chef Automate 1 | Backup | Restore

Applications

Chef EAS | Setting up the Applications Dashboard | Applications Dashboard

Authorization

IAM Overview | IAM Users Guide | IAM Actions | Event Feed

Compliance

Reports | Scan Jobs | Profiles | Nodes

Configure

Configuration | Data Collection | LDAP | Log Management | SAML | Telemetry | Disclosure Panel and Banner | Session Timeout | Desktop Dashboard

Infrastructure

Client Runs | Chef Infra Server

Integrations

ServiceNow : Chef Automate Integration App | Chef Automate Incident Creation | Chef Automate Integration App Reference

Settings

Notifications | Data Feeds | Data Lifecycle | Node Integrations | Node Credentials | Users | Teams | API Tokens | Policies | Roles | Projects | Troubleshooting

Reference

Architecture | Chef Automate API | chef-automate CLI | Monitoring Chef Automate | Feature Flags

Chef Desktop

About Chef Desktop

Getting Started

Requirements | Infrastructure Overview

Install

Quick Start guide | Install Workstation | Automate Server | Cookbook Setup | Set up Policy | Set up Nodes | Configure

Zero Touch Deployment

macOS : Enrollment | Application Management

Windows : Enrollment | Application Management

| Chef Desktop Cookbook Reference

Resources

All Resources (Single Page) | macos_admin_control | macos_app_management | macos_automatic_logout | macos_automatic_software_updates | macos_desktop_screensaver | macos_disk_encryption | macos_firewall | macos_password_policy | macos_power_management | rescue_account | windows_admin_control | windows_app_management | windows_automatic_logout | windows_choco_installer | windows_defender | windows_defender_exclusion | windows_desktop_screensaver | windows_desktop_winrm_settings | windows_disk_encryption | windows_firewall | windows_ie_esc | windows_password_policy | windows_power_management | windows_update_settings

Chef Habitat

About Chef Habitat

Install Habitat

Get Chef Habitat | Set up the Chef Habitat CLI | Download and Install FAQ

Builder

Chef Habitat Builder | Create an Account | Builder Profile | Origins | Origin Packages

Origins

Create an Origin | Origin Keys | Origin Membership & RBAC | Origin Settings

Packages

Building Packages | Promoting Packages | Exporting Packages | Continuous Integration | Runtime Binds

Plans

Plan Writing | Plan Quickstart | Plan Contents | Scaffolding | Binary Wrapper Packages

Services

About Services | Service Groups | Service Group Topologies | Service Group Configuration | Single Service Updates | Service Group Updates | Monitoring Services

Supervisors

About Supervisors | Running Supervisors | Running Chef Habitat on Servers (Linux and Windows) | Supervisor Design | Leader Elections | Setting Up a Ring | Supervisor Networks | Supervisor Cryptography | Securing Networks | Supervisor Configuration File | Supervisor Log Configuration | Supervisor Package Configuration | Launcher | Remote Control

Reference

Habitat CLI Reference

API : Builder API | Supervisor API

| Application Lifecycle Hooks | Build Helpers | Build Phase Callbacks | Plan Configuration Helpers | Configuration Management | Configuration Templates | Custom Certificates | Environment Variables | Keys | Package Contents | Package Identifiers | Pattern Library | Plan Settings | Plan Variables | Service Template Data | Supervisor Log Codes

Containers

Chef Habitat and Containers | Container Orchestration | Kubernetes | Azure Container Services (AKS) | Amazon Container Services (ECS) | Google Container Registry (GCR) | Apache Mesos and DC/OS | Running Chef Habitat Linux Containers | Running Chef Habitat Windows Containers

Diagrams

Architecture Overview | Initial Package Build Flow | Dependency Update Flow | Application Rebuild Flow | Docker Container Publishing Flow | Automated Docker Container Publishing Flow | Promote Packages Through Channels | Runtime Services Group Binding | Chef Habitat Builder Architecture | Chef Habitat Builder on-prem Flow

Chef Infra

Getting Started

Chef Infra Overview | Quick Start | System Requirements | Chef and Terraform | Glossary | Uninstall

Concepts

Chef Infra Client Overview | chef-repo | Cookbooks | Custom Resources | Nodes

Policy : About Policy | About Policyfiles | Policyfile.rb | Data Bags | Run-lists | Environments | Roles

Features

Chef Solo : About Chef Solo | chef-solo (executable) | solo.rb

| Compliance Phase

Ohai : About Ohai | ohai (executable)

| FIPS | Handlers | Search | Troubleshooting

Setup

Nodes : Install via Bootstrap | chef-client (executable) | client.rb | Upgrades | Security

| Working with Proxies | Air-gapped Installation | FIPS-mode

Cookbook Reference

About Cookbooks | Cookbook Directory

Attributes : Attributes | Attributes Arrays | Attribute Persistence | Attribute Precedence | Attribute Sources | Attribute Types

| Files | Libraries | metadata.rb

Recipes : About Recipes | Debug Recipes, Client Runs

| Templates | Versioning Cookbooks

Chef Infra Language

Language Overview | Checking Architectures | Checking Clouds | Checking Hypervisors | Checking Platforms | Cookbook Execution | Editing Resources | Logging | Node Tags | Reading Data Bags | Reading Registry Keys | Search | Shelling Out | Windows | Ruby Guide

Chef Infra Resources

About Resources | About Unified Mode | Converting Definitions to Custom Resources | Custom Resources DSL | Common Resource Functionality | Custom Resources | Custom Resource Guide | All Resources (Single Page) | alternatives | apt_package | apt_preference | apt_repository | apt_update | archive_file | bash | batch | bff_package | breakpoint | build_essential | cab_package | chef_acl | chef_client | chef_client_config | chef_client_cron | chef_client_launchd | chef_client_scheduled_task | chef_client_systemd_timer | chef_client_trusted_certificate | chef_container | chef_data_bag | chef_data_bag_item | chef_environment | chef_gem | chef_group | chef_handler | chef_node | chef_organization | chef_role | chef_sleep | chef_user | chef_vault_secret | chocolatey_config | chocolatey_feature | chocolatey_package | chocolatey_source | cookbook_file | cron | cron_access | cron_d | csh | directory | dmg_package | dnf_package | dpkg_package | dsc_resource | dsc_script | execute | file | freebsd_package | gem_package | git | group | habitat_config | habitat_install | habitat_package | habitat_service | habitat_sup | habitat_user_toml | homebrew_cask | homebrew_package | homebrew_tap | homebrew_update | hostname | http_request | ifconfig | inspec_waiver_file_entry | ips_package | kernel_module | ksh | launchd | link | locale | log | macos_userdefaults | macports_package | mdadm | mount | msu_package | notify_group | ohai | ohai_hint | openbsd_package | openssl_dhparam | openssl_ec_private_key | openssl_ec_public_key | openssl_rsa_private_key | openssl_rsa_public_key | openssl_x509_certificate | openssl_x509_crl | openssl_x509_request | osx_profile | package | pacman_package | paludis_package | perl | plist | portage_package | powershell_package | powershell_package_source | powershell_script | python | reboot | registry_key | remote_directory | remote_file | rhsm_errata | rhsm_errata_level | rhsm_register | rhsm_repo | rhsm_subscription | route | rpm_package | ruby | ruby_block | script | service | smartos_package | snap_package | solaris_package | ssh_known_hosts_entry | subversion | sudo | swap_file | sysctl | systemd_unit | template | timezone | user | user_ulimit | windows_ad_join | windows_audit_policy | windows_auto_run | windows_certificate | windows_defender | windows_defender_exclusion | windows_dfs_folder | windows_dfs_namespace | windows_dfs_server | windows_dns_record | windows_dns_zone | windows_env | windows_feature | windows_feature_dism | windows_feature_powershell | windows_firewall_profile | windows_firewall_rule | windows_font | windows_package | windows_pagefile | windows_path | windows_printer | windows_printer_port | windows_security_policy | windows_service | windows_share | windows_shortcut | windows_task | windows_uac | windows_update_settings | windows_user_privilege | windows_workgroup | yum_package | yum_repository | zypper_package | zypper_repository

Extension APIs

Handlers : Custom Handlers | Handler DSL | Community Handlers

| Compliance DSL

Knife Plugins : Cloud Plugins | Writing Custom Plugins

Ohai Plugins : Custom Plugins | Community Plugins

| Deprecations

Integrations

AWS Marketplace | Google Cloud Platform | VMware

Microsoft Azure : Azure Marketplace | Azure Test Drive | Chef Workstation in Azure Cloud Shell | Microsoft Azure PowerShell | Microsoft Azure Chef Extension

Microsoft Windows : Chef for Microsoft Windows | Windows Installation Guide

Chef Infra Server

Overview

Infra Server Overview | Server Users | Authentication | Services | Organizations & Groups

Planning

Chef Infra Server Prerequisites | Capacity Planning

Installation

Install Chef Infra Server | Install High Availability | Airgap | Tiered Installation | Upgrades | Upgrade HA Cluster

Configure

chef-server.rb Settings | Chef Infra Server Optional Settings | chef-backend.rb Settings | Server Firewalls and Ports | Security

Manage

Backup and Restore | Backend Failure Recovery | Monitor | Tuning | Log Files

Reference

chef-server-ctl | chef-backend-ctl | Chef Infra Server API | Firewalls & Ports

Chef InSpec

Chef InSpec Overview | Install and Uninstall | Chef InSpec for the Cloud | Chef InSpec and Friends | Chef InSpec Glossary | Troubleshooting

Chef InSpec Reference

InSpec Executable | Profiles | Inputs | Matchers | Reporters | Configuration | Chef InSpec DSL | Profile Style Guide | Custom Resources | Plugins | kitchen-inspec | InSpec Shell | Chef Habitat Integration | Migration from Serverspec | Waivers

Chef InSpec Resources

InSpec Resources (Single Page)

OS Resources : aide_conf | apache | apache_conf | apt | audit_policy | auditd | auditd_conf | bash | bond | bridge | bsd_service | chocolatey_package | command | cpan | cran | crontab | csv | dh_params | directory | docker | docker_container | docker_image | docker_plugin | docker_service | elasticsearch | etc_fstab | etc_group | etc_hosts | etc_hosts_allow | etc_hosts_deny | file | filesystem | firewalld | gem | group | groups | grub_conf | host | http | iis_app | iis_site | inetd_conf | ini | interface | interfaces | ip6tables | iptables | json | kernel_module | kernel_parameter | key_rsa | launchd_service | limits_conf | login_defs | mongodb_conf | mongodb_session | mount | mssql_session | mysql_conf | mysql_session | nginx | nginx_conf | npm | ntp_conf | oneget | opa_api | opa_cli | oracledb_session | os | os_env | package | packages | parse_config | parse_config_file | passwd | pip | port | postfix_conf | postgres_conf | postgres_hba_conf | postgres_ident_conf | postgres_session | powershell | processes | rabbitmq_config | registry_key | runit_service | security_identifier | security_policy | selinux | service | shadow | ssh_config | sshd_config | ssl | sys_info | systemd_service | sysv_service | toml | upstart_service | user | users | vbscript | virtualization | windows_feature | windows_firewall | windows_firewall_rule | windows_hotfix | windows_task | wmi | x509_certificate | xinetd_conf | xml | yaml | yum | zfs_dataset | zfs_pool

AWS Resources : aws_alb | aws_albs | aws_auto_scaling_group | aws_auto_scaling_groups | aws_cloudformation_stack | aws_cloudtrail_trail | aws_cloudtrail_trails | aws_cloudwatch_alarm | aws_cloudwatch_log_group | aws_cloudwatch_log_metric_filter | aws_config_delivery_channel | aws_config_recorder | aws_db_subnet_group | aws_db_subnet_groups | aws_dhcp_options | aws_dynamodb_table | aws_ebs_volume | aws_ebs_volumes | aws_ec2_instance | aws_ec2_instances | aws_ecr | aws_ecr_image | aws_ecr_images | aws_ecr_repositories | aws_ecr_repository | aws_ecs_cluster | aws_ecs_clusters | aws_efs_file_system | aws_efs_file_systems | aws_eks_cluster | aws_eks_clusters | aws_elasticache_cluster | aws_elasticache_cluster_node | aws_elasticache_clusters | aws_elb | aws_elbs | aws_flow_log | aws_hosted_zone | aws_hosted_zones | aws_iam_access_key | aws_iam_access_keys | aws_iam_account_alias | aws_iam_group | aws_iam_groups | aws_iam_inline_policy | aws_iam_password_policy | aws_iam_policies | aws_iam_policy | aws_iam_role | aws_iam_roles | aws_iam_root_user | aws_iam_saml_provider | aws_iam_saml_providers | aws_iam_user | aws_iam_users | aws_internet_gateway | aws_internet_gateways | aws_kms_key | aws_kms_keys | aws_lambda | aws_lambdas | aws_launch_configuration | aws_nat_gateway | aws_nat_gateways | aws_organizations_member | aws_rds_cluster | aws_rds_clusters | aws_rds_instance | aws_rds_instances | aws_region | aws_regions | aws_route_table | aws_route_tables | aws_s3_bucket | aws_s3_bucket_object | aws_s3_buckets | aws_security_group | aws_security_groups | aws_sns_subscription | aws_sns_topic | aws_sns_topics | aws_sqs_queue | aws_sqs_queues | aws_ssm_parameter | aws_ssm_parameters | aws_sts_caller_identity | aws_subnet | aws_subnets | aws_transit_gateway | aws_vpc | aws_vpcs

Azure Resources : azure_generic_resource | azure_resource_group | azure_virtual_machine | azure_virtual_machine_data_disk | azurerm_ad_user | azurerm_ad_users | azurerm_aks_cluster | azurerm_aks_clusters | azurerm_cosmosdb_database_account | azurerm_event_hub_authorization_rule | azurerm_event_hub_event_hub | azurerm_event_hub_namespace | azurerm_iothub | azurerm_iothub_event_hub_consumer_group | azurerm_iothub_event_hub_consumer_groups | azurerm_key_vault | azurerm_key_vault_key | azurerm_key_vault_keys | azurerm_key_vault_secret | azurerm_key_vault_secrets | azurerm_key_vaults | azurerm_load_balancer | azurerm_load_balancers | azurerm_locks | azurerm_management_group | azurerm_management_groups | azurerm_monitor_activity_log_alert | azurerm_monitor_activity_log_alerts | azurerm_monitor_log_profile | azurerm_monitor_log_profiles | azurerm_mysql_database | azurerm_mysql_databases | azurerm_mysql_server | azurerm_mysql_servers | azurerm_network_interface | azurerm_network_interfaces | azurerm_network_security_group | azurerm_network_security_groups | azurerm_network_watcher | azurerm_network_watchers | azurerm_postgresql_database | azurerm_postgresql_databases | azurerm_postgresql_server | azurerm_postgresql_servers | azurerm_resource_groups | azurerm_role_definition | azurerm_role_definitions | azurerm_security_center_policies | azurerm_security_center_policy | azurerm_sql_database | azurerm_sql_databases | azurerm_sql_server | azurerm_sql_servers | azurerm_storage_account_blob_container | azurerm_storage_account_blob_containers | azurerm_subnet | azurerm_subnets | azurerm_subscription | azurerm_virtual_machine | azurerm_virtual_machine_disk | azurerm_virtual_machine_disks | azurerm_virtual_machines | azurerm_virtual_network | azurerm_virtual_networks | azurerm_webapp | azurerm_webapps

GCP Resources : google_access_context_manager_access_policies | google_access_context_manager_access_policy | google_access_context_manager_service_perimeter | google_access_context_manager_service_perimeters | google_appengine_standard_app_version | google_appengine_standard_app_versions | google_bigquery_dataset | google_bigquery_datasets | google_bigquery_table | google_bigquery_tables | google_billing_project_billing_info | google_cloud_scheduler_job | google_cloud_scheduler_jobs | google_cloudbuild_trigger | google_cloudbuild_triggers | google_cloudfunctions_cloud_function | google_cloudfunctions_cloud_functions | google_compute_address | google_compute_addresses | google_compute_autoscaler | google_compute_autoscalers | google_compute_backend_bucket | google_compute_backend_buckets | google_compute_backend_service | google_compute_backend_services | google_compute_disk | google_compute_disks | google_compute_firewall | google_compute_firewalls | google_compute_forwarding_rule | google_compute_forwarding_rules | google_compute_global_address | google_compute_global_addresses | google_compute_global_forwarding_rule | google_compute_global_forwarding_rules | google_compute_health_check | google_compute_health_checks | google_compute_http_health_check | google_compute_http_health_checks | google_compute_https_health_check | google_compute_https_health_checks | google_compute_image | google_compute_instance | google_compute_instance_group | google_compute_instance_group_manager | google_compute_instance_group_managers | google_compute_instance_groups | google_compute_instance_template | google_compute_instance_templates | google_compute_instances | google_compute_network | google_compute_network_endpoint_group | google_compute_network_endpoint_groups | google_compute_networks | google_compute_node_group | google_compute_node_groups | google_compute_node_template | google_compute_node_templates | google_compute_project_info | google_compute_region | google_compute_region_backend_service | google_compute_region_backend_services | google_compute_region_instance_group_manager | google_compute_region_instance_group_managers | google_compute_regional_disk | google_compute_regions | google_compute_route | google_compute_router | google_compute_router_nat | google_compute_router_nats | google_compute_routers | google_compute_routes | google_compute_security_policies | google_compute_security_policy | google_compute_snapshot | google_compute_snapshots | google_compute_ssl_certificate | google_compute_ssl_certificates | google_compute_ssl_policies | google_compute_ssl_policy | google_compute_subnetwork | google_compute_subnetwork_iam_binding | google_compute_subnetwork_iam_policy | google_compute_subnetworks | google_compute_target_http_proxies | google_compute_target_http_proxy | google_compute_target_https_proxies | google_compute_target_https_proxy | google_compute_target_pool | google_compute_target_pools | google_compute_target_tcp_proxies | google_compute_target_tcp_proxy | google_compute_url_map | google_compute_url_maps | google_compute_vpn_tunnel | google_compute_vpn_tunnels | google_compute_zone | google_compute_zones | google_container_cluster | google_container_clusters | google_container_node_pool | google_container_node_pools | google_container_regional_cluster | google_container_regional_clusters | google_container_regional_node_pool | google_container_regional_node_pools | google_dataproc_cluster | google_dataproc_clusters | google_dns_managed_zone | google_dns_managed_zones | google_dns_resource_record_set | google_dns_resource_record_sets | google_filestore_instance | google_filestore_instances | google_iam_custom_role | google_iam_custom_roles | google_iam_organization_custom_role | google_iam_organization_custom_roles | google_iam_service_account | google_iam_service_account_key | google_iam_service_account_keys | google_iam_service_accounts | google_kms_crypto_key | google_kms_crypto_key_iam_binding | google_kms_crypto_key_iam_bindings | google_kms_crypto_key_iam_policy | google_kms_crypto_keys | google_kms_key_ring | google_kms_key_ring_iam_binding | google_kms_key_ring_iam_bindings | google_kms_key_ring_iam_policy | google_kms_key_rings | google_logging_folder_exclusion | google_logging_folder_exclusions | google_logging_folder_log_sink | google_logging_folder_log_sinks | google_logging_organization_log_sink | google_logging_organization_log_sinks | google_logging_project_exclusion | google_logging_project_exclusions | google_logging_project_sink | google_logging_project_sinks | google_ml_engine_model | google_ml_engine_models | google_organization | google_organization_iam_binding | google_organization_iam_policy | google_organization_policy | google_organizations | google_project | google_project_alert_policies | google_project_alert_policy | google_project_alert_policy_condition | google_project_iam_binding | google_project_iam_bindings | google_project_iam_custom_role | google_project_iam_custom_roles | google_project_iam_policy | google_project_logging_audit_config | google_project_metric | google_project_metrics | google_project_service | google_project_services | google_projects | google_pubsub_subscription | google_pubsub_subscription_iam_binding | google_pubsub_subscription_iam_policy | google_pubsub_subscriptions | google_pubsub_topic | google_pubsub_topic_iam_binding | google_pubsub_topic_iam_policy | google_pubsub_topics | google_redis_instance | google_redis_instances | google_resourcemanager_folder | google_resourcemanager_folder_iam_binding | google_resourcemanager_folder_iam_policy | google_resourcemanager_folders | google_resourcemanager_organization_policy | google_resourcemanager_project_iam_binding | google_resourcemanager_project_iam_policy | google_runtime_config_config | google_runtime_config_config_iam_binding | google_runtime_config_config_iam_policy | google_runtime_config_configs | google_runtime_config_variable | google_runtime_config_variables | google_service_account | google_service_account_key | google_service_account_keys | google_service_accounts | google_sourcerepo_repositories | google_sourcerepo_repository | google_spanner_database | google_spanner_databases | google_spanner_instance | google_spanner_instance_iam_binding | google_spanner_instance_iam_policy | google_spanner_instances | google_sql_database_instance | google_sql_database_instances | google_sql_user | google_sql_users | google_storage_bucket | google_storage_bucket_acl | google_storage_bucket_iam_binding | google_storage_bucket_iam_bindings | google_storage_bucket_iam_policy | google_storage_bucket_object | google_storage_bucket_objects | google_storage_buckets | google_storage_default_object_acl | google_storage_object_acl | google_user | google_users

Habitat Resources : habitat_package | habitat_packages | habitat_service | habitat_services

Chef Workstation

Overview | Install | Setup | Configure | Troubleshooting | Privacy and Telemetry

Chef Workstation Tools

Berkshelf

chef (executable) : chef executable (full page) | chef capture | chef env | chef exec | chef gem | chef generate attribute | chef generate cookbook | chef generate file | chef generate recipe | chef generate repo | chef generate resource | chef generate template | chef report cookbooks | chef report nodes | chef shell-init

| chef-run (executable) | chef-shell (executable) | chef-vault (executable) | ChefSpec | Chef Workstation App | config.rb (knife.rb) | Optional config.rb Settings

Cookstyle : About Cookstyle | All Cookstyle Cops | Correctness Cops | Chef Deprecation Cops | Effortless Cops | Modernization Cops | Redundant Code Cops | Sharing Cops | Style Cops | InSpec Deprecations Cops

Test Kitchen : About Test Kitchen | kitchen (executable) | kitchen.yml | kitchen-vagrant

Knife : About Knife | Setting up Knife | Knife Common Options | config.rb (knife.rb) | knife azurerm | knife bootstrap | knife client | knife configure | knife cookbook | knife cookbook site | knife data bag | knife delete | knife deps | knife diff | knife download | knife edit | knife environment | knife exec | knife list | knife node | knife opc | knife raw | knife recipe list | knife role | knife search | knife serve | knife show | knife ssh | knife ssl_check | knife ssl_fetch | knife status | knife supermarket | knife tag | knife upload | knife user | knife windows | knife xargs

| Upgrade Lab

Effortless Pattern

Effortless Overview | Quick Start | Effortless Audit | Effortless Config | Variables and Config | What is Scaffolding

Supermarket

About Supermarket | Share Cookbooks

Private Supermarket

About Private Supermarket | Install Private Supermarket | Configure | Backup and Restore | Monitor | Log Files

Reference

supermarket-ctl | Supermarket API

Release Notes

Chef Automate | Chef Infra Client | Chef Infra Server | Chef InSpec | Chef Manage | Chef Workstation

Legacy

Chef Manage

About the Management Console | manage.rb | chef-manage-ctl | Active Directory & LDAP | Configure SAML | Clients | Cookbooks | Data Bags | Environments | Nodes | Roles | Organizations & Groups | Users Send Feedback

Was this page helpful?

×








Search Results