Security

logged in user temporarily drop a role

FritzWittwer_ol
Contributor

We are developing an app with dashboards which are only shown if the current user has certain Splunk roles, this roles also grant access to the specific indexes.
The developers have all this roles, but in order to see the app as a user with a certain role would see it, they need to be able to temporarily drop some roles they own. Any idea except creating test users?
BTW, the developers don't get the admin role 😉

0 Karma

DalJeanis
SplunkTrust
SplunkTrust

I don't see any way that won't be MUCH more of a headache than giving your developers each a user account, or collective access to test user ids to check out. Any such facility would mean that the developer's actual role was always in flux on the system. That will lead, at the very least, to lots of noise in your tracking of auth updates, and at worst to random errors due to developers not having expected roles at times they need them.

naidusadanala
Communicator

Is it the user wants to know which access he has on the dashboard panel ?

If yes , try this

| rest /services/authentication/current-context splunk_server=local | table title roles username | rename roles as title | mvexpand title

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...