Hello,
I am trying to create basic roles for my app, the corresponding authorize.conf looks as follows:
# Indexes that belong to the App
[role_s4_DCM_app_indexes]
srchIndexesAllowed = mlbso; mlbso_changelog
srchIndexesDefault = mlbso; mlbso_changelog
# Role for the users to access logs
[role_s4_DCM_app_user_logs]
importRoles = user, role_s4_DCM_app_indexes
# Role for the users to access all DB connections
[role_s4_DCM_app_user_dbcon]
importRoles = user, db_connect_user
# Role for the users to access both logs and DB
[role_s4_DCM_app_user]
importRoles = role_s4_DCM_app_user_dbcon, role_s4_DCM_app_user_logs
# Power user = user + administering of the db connections
[role_s4_DCM_app_power]
importRoles = role_s4_DCM_app_user, db_connect_admin
# ##################### Start: DB connections to splecific databases ##################################
# The idea is to grant the access to specific objects then in the local.meta based on the roles
# ... copied for FRUN relevant objects
[role_s4_DCM_app_user_FRUN]
importRoles = role_s4_DCM_app_user_dbcon
# ... copied for Mshadow relevant objects
[role_s4_DCM_app_user_Mshadow]
importRoles = role_s4_DCM_app_user_dbcon
# ... copied for Pingdom relevant objects
[role_s4_DCM_app_user_Pingdom]
importRoles = role_s4_DCM_app_user_dbcon
# ##################### End: DB connections to splecific databases ####################################
however, when I check then in the UI interface, there is no inheritance visible for the new s4 roles, which I would expect to be based on the above:
What I did then was to manually change the inheritance in the UI for one of the roles (marked green: s4_dcm_app_user), restart and try to figure out which configuration file it would land in ... and nothing.
I used the following linux command:
splunk@ccd01v013355:/opt/splunkdev> grep -rnw '.' -e 'role_s4_DCM_app_user'
and it returned the same entries from the authorize.conf before and after the UI inheritance setting.
So, how would I properly set the inheritance in the configuration files? I need to do this there and not one by one in the UI ...
Kind Regards,
Kamil
the issue got solved ... it was an simple mistake ("," instead of ";" ) in the importRoles.
It was:
importRoles = user, db_connect_user
it should be:
importRoles = user; db_connect_user
for all the corresponding roles.
Kind Regards,
Kamil