Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-3294

Infra project admins can't view respective logs project specifc logs in kibana

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Normal
    • None
    • Logging 5.4.7
    • Log Storage
    • None
    • False
    • None
    • False
    • NEW
    • NEW
    • Medium

    Description

      Description of problem:

      If a user is assigned with project admin role for openshift-* projects, then the user is not able to view the respective project logs in kibana.

      Version-Release number of selected component (if applicable):

      Reproduced in 5.4.7

      How reproducible:

      100%

      Steps to Reproduce:

      1. Install Elasticsearch Operator and Logging Operator.
      2. Create any user with project admin provileges.
      $ oc adm policy add-role-to-user admin user1 -n openshift-monitoring
      3. Check if index pattern can be created in kibana.
      4. Kibana doesn't list the infra index for "user1".
      5. However, if the user is assigned "cluster-reader" clusterrole, then infra index pattern can be created.

      Actual results:

      Infra project admins (openshift-*) can't view their respective project specific logs in kibana. Additional role has to be assigned to view the logs.

      Expected results:

      Infra project admins should be able to create index pattern for infra indixes.

      Additional info:

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-dgautam Dhruv Gautam
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: