I tried to reproduce the issue you mentioned here. You mentioned you are unable to configure "Inputs", I don't think there is an issue there as I installed the same version of the addon on Splunk 8.0.1 as you mentioned and I was able to view the page.
But if you are unable to configure in the "Configuration" tab, then you may not have the 'admin' or the 'sc_admin' role which is required for configuration as mentioned in the Docs https://docs.splunk.com/Documentation/AddOns/released/MSCloudServices/Hardwareandsoftwarerequirements
I hope this solves it.
... View more
The documentation for 'restmap.conf' can be obtained here: https://docs.splunk.com/Documentation/Splunk/8.0.1/Admin/Restmapconf
The purpose of the 'capability' attribute is to restrict a user without that particular capability to hit that endpoint. I used the attribute to do the same. But I observed some anomaly here. It is as described below:
handlertype = python
handlerfile = splunk_ta_addon_rh_server.py
handleractions = edit, list, remove, create
handlerpersistentmode = true
capability = admin_all_objects
As per the Splunk docs, a user without this capability should not be able to access the 'splunk_ta_addon_server' endpoint. But in this case, it allows the user to access the endpoint.
But when I added the same attribute in a different stanza, as displayed below, the attribute is working fine and it does not allow the user to access the restricted endpoint.
match = /
members = splunk_ta_addon_server
Can anyone please explain, why is there such a difference in the behaviour of the attribute in different stanzas? Am I missing something here?
... View more