[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Kibana permissions issue



We have some recent issues logged against this which are related to load and the number of projects which a user can view.  This [1] is a high level document which may be of interest to you on how the permissions are generated and what constitutes an 'admin user'



On Tue, Jul 16, 2019 at 11:05 AM Shane Ripley <sripley cableone net> wrote:
Greetings, I have a permissions issue with Kibana that I can't seem to figure out. I've reviewed all the settings that I can think of, but nothing seems to be wrong.

The domains user is the admin of several projects, and up until recently, was able to view logs in kibana for all of its projects. I have no idea what changed, but now I can no longer view any logs.

 [security_exception] no permissions for [indices:data/read/search] and User [name=domains ....


oc describe rolebinding.rbac -n domains-dev |more

Name:         admin
Labels:       <none>
Annotations:  <none>
Role:
  Kind:  ClusterRole
  Name:  admin
Subjects:
  Kind  Name     Namespace
  ----  ----     ---------
  User  domains  

I'm at a loss as to what to check next. Other users can view logs, so the issue seems to be limited to just the domains user.

I've redeployed the openshift-logging project and ouath/kibana pod but that didn't seem to help.

Thanks.

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users


--


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]