Solved: Import roles

nawazns5038 · ‎11-29-2018

Hi,

I want to create a role and import capabilities or index permissions .
Suppose , I have role A which has indexes allowed = dog,cat
I create a role B and say importRoles = A and B has search indexes allowed = fish, chicken.

what index permissions does role B have in final ??
And also the capabilities ?

Will both the search indexes allowed get mixed ? or only the capabilities ??

Thanks,

prakash007 · ‎11-29-2018

let's say you have a user=test assigned with roleB, he can search all indexes(including indexes allowed for role A)
capabilities also get mixed: you can check it under settings--->access controls---->roles---->roleB(imported capabilities are from roleA)

check this splunk doc for further explanation...
http://docs.splunk.com/Documentation/Splunk/7.2.1/Security/Addandeditroleswithauthorizeconf

View solution in original post

prakash007 · ‎11-29-2018

let's say you have a user=test assigned with roleB, he can search all indexes(including indexes allowed for role A)
capabilities also get mixed: you can check it under settings--->access controls---->roles---->roleB(imported capabilities are from roleA)

check this splunk doc for further explanation...
http://docs.splunk.com/Documentation/Splunk/7.2.1/Security/Addandeditroleswithauthorizeconf

nawazns5038 · ‎11-30-2018

how about for version 6.5.3 ??

prakash007 · ‎11-30-2018

I don't think there is a difference in this case form 6.5.3 and 7.21...

http://docs.splunk.com/Documentation/Splunk/6.5.3/Security/Addandeditroleswithauthorizeconf

you could also test it on your local splunk instance creating a user assigning a role(with inherited role)

nawazns5038 · ‎12-04-2018

Ya, it worked. Thanks for the answer !!

Import roles

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes

Welcome to the Splunk Community!