When log in on Splunk Cloud, I get error on role not found
- I go to splunk.com portal
- go the splunkcloud self service single instance page
- I see that my user has the role "AAA" that I defined
But when I am redirected to the instance, it fails and I cannot log in:
No valid splunk role found in the local mapping or assertion.
Click here to return to Splunk.
In Splunkcloud single instances, the new roles have to be defined in 2 locations by the deployment admin :
1 - on the splunk instance in the role manager
2 - then on the splunk.com invite portal of the deployment, in order to assign them to users invited.
In my case the role AAA is only on the invite portal.
Once I defined it on the splunk instance in Settings > Access Controls > roles it started working
The opposite is also bad, If I do not define the role in the invite portal, I cannot assign it to the users.
In Splunkcloud single instances, the new roles have to be defined in 2 locations by the deployment admin :
1 - on the splunk instance in the role manager
2 - then on the splunk.com invite portal of the deployment, in order to assign them to users invited.
In my case the role AAA is only on the invite portal.
Once I defined it on the splunk instance in Settings > Access Controls > roles it started working
The opposite is also bad, If I do not define the role in the invite portal, I cannot assign it to the users.
The opposite is not necessarily bad. Roles in Splunk can multiply inherit from other roles, so there is actually a potential use case (think groups of indexes that need to be shared by N roles)... you create a role that has no users, just is inherited by roles with users.