Details
-
Feature Request
-
Resolution: Can't Do
-
Major
-
None
-
2.12.0 CR2
-
False
-
None
-
False
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
0
-
0%
Description
Creating a new CustomPolicyDefinition as defined in doc works for default tenant, but not for the custom tenants.
To reproduce
Create a tenant
Create a CustomPolicyDefinition linked to that tenant, eg.:
apiVersion: capabilities.3scale.net/v1beta1 kind: CustomPolicyDefinition metadata: name: sihq-parse-query-args-sih-dev-yb8531 spec: name: SIHQ Parse Query Args providerAccountRef: name: tenant-secret schema: $schema: 'http://json-schema.org/draft-07/schema#' configuration: properties: context_key: default: parsed_query_args description: Liquid context key where the parsed query args will be set type: string required: [] type: object description: - name: SIHQ Parse Query Args summary: Allows to parse the query args of a request. version: '1.0' version: '1.0'
Result: The above generates an error
status:
conditions:
- lastTransitionTime: '2022-11-28T18:39:56Z'
message: >-
error calling 3scale system - reason: {"error":"Your access token does
not have the correct permissions"} - code: 403
status: 'True'
type: Failed
- lastTransitionTime: '2022-11-28T18:39:56Z'
status: 'False'
type: Invalid
- lastTransitionTime: '2022-11-28T18:39:56Z'
status: 'False'
type: Ready
observedGeneration: 1
providerAccountHost: 'https://dev-admin.{tenant-name}'
The workaround is to create a new token with the Read + Write permissions to the Account Management API and Policy Registry API.
