All versions, architectures, and topologies of Chef Infra Server.
Allowing users to only bootstrap a node and read-only access to Chef Infra Server using knife-acl
Do not have any specific bootstrap only group/user permissions
The desired result can be achieved using the permission system
Create a group named "bootstrap" (it can be any desired name):
knife group create bootstrap
Add that group to the "create" permission of the "clients" container. Then add appropriate users to the bootstrap group.
Something similar to:
knife acl add group bootstrap containers clients create,update
add users to the group to suit:
knife group add actor bootstrap $some_user
knife group remove actor user $some_user
Note: we do not recommend using knife-acl unless you absolutely must and acknowledge the responsibility/risk of making fundamental changes to the permissions of your groups/users