how to create a data bag as part of chef script

Question

I need to create a data bag and then an data bag item USING CHEF RECIPE. I an unable to do so. I have the content also ready which is as follows

require 'rubygems'
require 'chef/encrypted_data_bag_item'

secret = Chef::EncryptedDataBagItem.load_secret('/root/data_bag')
data = {"id" => "TEST", "root" => "root", "passwd" => "passwd"}
encrypted_data = Chef::EncryptedDataBagItem.encrypt_data_bag_item(data, secret)

Now that i have the content , i need to create a data bag and an item , and then append the content in to that item . this is the approach which i tried for creating a data bag. But it failed.

new_databag = Chef::DataBag.new
new_databag.name('list')
new_databag.save

when i am using new_databag.save its saying forbidden.

Below is the snippet for creating the data bag item,which i got it over the internet. but how do we specify the item name which we want to give.

item = Chef::DataBagItem.new
item.data_bag('list')
item.raw_data = data
item.save

Any help would be appreciated ..!!

Answer 1

Chef clients do not have permission to create/update data bags (holds true for other containers such as roles).

If you see a "403 Forbidden" change permissions for clients under "Administration > Global Permissions > data_bags" in chef server. To use knife you would have to install the "knife-acl" plugin.

This operation will not change permissions for existing data bags though!