Hi,
I have an app which allows to send custom alerts to an external provider.
Recently the app uses secret storage to:
1) Store/save keys during setup view
2) Read the key on Python alert script to invoke the external provider
Because any "common" user is able to create an Alert, during the executing I'm seeing an error reading the key due to the lack of "list_storage_passwords" role
Questions:
- Is this role required for all users that setup this Alert that read the App secret key?
- I've have some concerns from administrators saying they don't want to give out this role as it implies allowing these users to read ALL secrets from the Splunk instance. Is this accurate? Or this list_storage_passwords role will actually only allow reading specific App secrets that are marked as read for all users?
Thank you.
... View more