(Although this example will use Splunk's Lookup Editor app, it applies to custom REST commands in general.)
I am using the Lookup Editor provided by Splunk from SplunkBase (authored by @LukeMurphey) and am saving the lookups with the user in context, which saves it as a private user-scoped artifact.
I would like to make it globally shared while retaining the lookup's ownership information, so I attempt the following after the rest call that saves the lookup:
# Set ACL to make lookup globally shared
url = '/servicesNS/%s/%s/data/lookup-table-files/%s/acl' % (owner, namespace, lookup_file)
postargs = {
'owner': owner,
'sharing': 'global'
}
rest.simpleRequest(url, postargs=postargs, sessionKey=key, raiseAllErrors=True)
When using the lookup editor as an admin, it will work fine as the admin has the capabilities to make such modifications; however, users are not able to do so and the call fails.
How can I programmatically make this REST call as an admin? I am hoping that as the script is on the server-side, I won't have to authenticate as an admin as I imagine that would require having to store credentials, which would be tricky as we have several clusters.
I have also tried making the REST call using the Splunk binary as mentioned in this Answer, but it had no effect.