Do new roles become grantable roles by default in Splunk?
I'm using Splunk 6.4.2.
I have created a delegated admin role with one user (say d_admin for instance). Here is its definition, as given by the splunk cli:
role: delegated_admin
capabilities: edit_roles_grantable edit_user rest_apps_view rest_properties_get
default app:
grantable_roles: dashboard_designer;dashboard_viewer
imported_capabilities:
imported_roles:
searchable_indexes:
default_index:
dashboard_designer and dashboard_viewer are nothing special, I just use them to define permissions on apps and dashboards.
Now, when I log into d_admin and create a new role (e.g new_role ), I can see and manage it just as if it was in the grantable_roles list, but it is not. I am not at liberty to test if that survives a cold reboot.
My question here is :
Is that a undocumented feature that I can rely on or is that some sort of bug that will bite me if I trust it?
Regards,
Kiran
... View more