I'm learning chef_vault.
I can go into my vaults and grant admins and clients (nodes) access to vault items inside the vaults, but is there a way I can grant admins and clients access to an entire vault and all its contents?
Is there an mechanism to easily add and remove access to an entire vault and also view that access?
Not specifically. Every vault item is encrypted separately. You could certainly make some scripts that call
knife vault updatewith the same access parameters for every item in a bag though.