Created attachment 1738987 [details] Screenshot from Dev-console. Description of problem: After creating alert rules for user-namespaces, there is a `forbidden` error shown in the `Active alerts` section while viewing the alerting rule. Version-Release number of selected component (if applicable): How reproducible: 100 % Steps to Reproduce: 1. Create a user having the roles `admin`, `monitoring-rules-view` and `monitoring-edit`in a namespace of a `user-workload monitoring` enabled cluster. 2. Create an alert rule in the namespace. 3. Check the `Active Alerts` section of the developer console (i.e Developer console --> Monitoring --> Alerts --> View alerting Rule) Actual results: An error message showing `AN ERROR OCCURED FORBIDDEN` Expected results: No error message should be shown. Additional info: This issues seems not be hitting for a user having cluster wide access. The dev console proxies seems to be routed incorrectly. ~~~ right: Request URL: https://console-openshift-console.apps.ci-ln-ypz5i9t-f76d1.origin-ci-int-gce.dev.openshift.com/api/prometheus-tenancy/api/v1/query_range?start=1607954842.998&end=1607956642.998&step=6&namespace=sur-project&query=version%7Bjob%3D%22prometheus-example-app%22%2Cnamespace%3D%22sur-project%22%7D+%3D%3D+0&timeout=30s wrong: Request URL: https://console-openshift-console.apps.ci-ln-ypz5i9t-f76d1.origin-ci-int-gce.dev.openshift.com/api/prometheus/api/v1/query_range?start=1607954825.049&end=1607956625.049&step=6&query=version%7Bjob%3D%22prometheus-example-app%22%2Cnamespace%3D%22sur-project%22%7D+%3D%3D+0&timeout=30 s right: Request URL: https://console-openshift-console.apps.ci-ln-ypz5i9t-f76d1.origin-ci-int-gce.dev.openshift.com/api/prometheus-tenancy/api/v1/rules?namespace=sur-project wrong: Request URL: https://console-openshift-console.apps.ci-ln-ypz5i9t-f76d1.origin-ci-int-gce.dev.openshift.com/api/prometheus/api/v1/rules ~~~ Please find the attachment for the screenshot of the error.
Created attachment 1749333 [details] `Active alerts` section not throwing forbidden error for users.
Verified on build version: 4.7.0-0.nightly-2021-01-19-095812 Browser version: Chrome 84
Yes @jkaur, we are porting it to 4.6.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days