Application-level permissions

axcherukuri · ‎04-26-2013

Hi,

I was wondering if there is a way to provide admin access @ application level (all its objects) to a specific role instead of global admin access (admin_all_objects).

Thanks

axcherukuri · ‎04-29-2013

found a solution for this.

Define seperate indexes
assign admin_all_objects accces to the role
from command line add required role to write permissions. File: /etc/apps//metadata/default.meta

Sample default.meta

Application-level permissions

[]
access = read : [ * ], write : [ admin, power, myRole ]

EVENT TYPES

[eventtypes]
access = read : [ * ], write : [ admin, power, myRole ]
export = system

PROPS

[props]
access = read : [ * ], write : [ admin, power, myRole ]
export = system

TRANSFORMS

[transforms]
access = read : [ * ], write : [ admin, power, myRole ]
export = system

LOOKUPS

[lookups]
access = read : [ * ], write : [ admin, power, myRole ]
export = system

VIEWSTATES: even normal users should be able to create shared viewstates

[viewstates]
access = read : [ * ], write : [ * ]
export = system

Thanks

Application level Admin access...

Application-level permissions

EVENT TYPES

PROPS

TRANSFORMS

LOOKUPS

VIEWSTATES: even normal users should be able to create shared viewstates

The OpenTelemetry Certified Associate (OTCA) Exam

From Manual to Agentic: Level Up Your SOC at Cisco Live

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 4)

Join the Conversation

Application level Admin access...

Application-level permissions

EVENT TYPES

PROPS

TRANSFORMS

LOOKUPS

VIEWSTATES: even normal users should be able to create shared viewstates

The OpenTelemetry Certified Associate (OTCA) Exam

From Manual to Agentic: Level Up Your SOC at Cisco Live

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 4)