Security

logged in user temporarily drop a role

FritzWittwer_ol
Contributor

We are developing an app with dashboards which are only shown if the current user has certain Splunk roles, this roles also grant access to the specific indexes.
The developers have all this roles, but in order to see the app as a user with a certain role would see it, they need to be able to temporarily drop some roles they own. Any idea except creating test users?
BTW, the developers don't get the admin role 😉

0 Karma

DalJeanis
Legend

I don't see any way that won't be MUCH more of a headache than giving your developers each a user account, or collective access to test user ids to check out. Any such facility would mean that the developer's actual role was always in flux on the system. That will lead, at the very least, to lots of noise in your tracking of auth updates, and at worst to random errors due to developers not having expected roles at times they need them.

naidusadanala
Communicator

Is it the user wants to know which access he has on the dashboard panel ?

If yes , try this

| rest /services/authentication/current-context splunk_server=local | table title roles username | rename roles as title | mvexpand title

0 Karma
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...