Uploaded image for project: 'Observability Documentation'
  1. Observability Documentation
  2. OBSDOCS-2886

Expand fine-grained access section to cover ServiceAccounts

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • Logging
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      Context

      In https://issues.redhat.com/browse/LOG-6894 we realized that when the identity that we are trying to grant privileges to is a ServiceAccount that we need to preform some extra steps.

      If we are trying to grant the service account clusterwide access we should as well add it's group to adminGroups in LokiStack

      If we are trying to grant the service account just permissions to look a the application logs of a single namespace we should grant that service account the ability to list the projects in question

              amehenda@redhat.com Ashwin Mehendale
              jmarcal@redhat.com Joao Marcal
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: