Bug 1780037 - alertmanager-access role prevents cluster-monitoring-view grantees users to view fired alerts
Summary: alertmanager-access role prevents cluster-monitoring-view grantees users to v...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Monitoring
Version: 4.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.4.0
Assignee: Sergiusz Urbaniak
QA Contact: Junqi Zhao
URL:
Whiteboard:
Depends On:
Blocks: 1780142
TreeView+ depends on / blocked
 
Reported: 2019-12-05 09:47 UTC by Sergiusz Urbaniak
Modified: 2020-05-04 11:19 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1780142 (view as bug list)
Environment:
Last Closed: 2020-05-04 11:18:31 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-monitoring-operator pull 580 0 'None' closed Bug 1780037: Undo creating alertmanager-access role 2020-04-08 11:06:44 UTC
Red Hat Product Errata RHBA-2020:0581 0 None None None 2020-05-04 11:19:07 UTC

Description Sergiusz Urbaniak 2019-12-05 09:47:09 UTC 
With introducing the alertmanager-access role (https://jira.coreos.com/browse/SREP-1983) we prevent users having the cluster-monitoring-view cluster role to view fired alerts/silences and any information that reads from alertmanager.

This change is too intrusive and too coarse-grained, so effectively PM (Christian Heidenreich) is voting for undoing that change for 4.3.
Comment 4 errata-xmlrpc 2020-05-04 11:18:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581
Note You need to log in before you can comment on or make changes to this bug.