1913483 – Access to the ES root url / from a project's pod on Openshift

Bug 1913483 - Access to the ES root url / from a project's pod on Openshift

Summary: Access to the ES root url / from a project's pod on Openshift

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Logging
Sub Component:
Version:	4.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.6.z
Assignee:	Jeff Cantrill
QA Contact:	Giriyamma
Docs Contact:
URL:
Whiteboard:	logging-exploration
Depends On:	1906765
Blocks:	1913366
TreeView+	depends on / blocked

Reported:	2021-01-06 21:41 UTC by OpenShift BugZilla Robot
Modified:	2024-03-25 17:45 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: Non-administrative users do not have the MONITOR permission set to allow them to query to root endpoint to retrieve the ES version. Consequence: Users received a 403 response which would break any services that utilized this endpoint in prior releases Fix: Update the permission set to allow query of the root endpoint Result: Users are now able to determine the deployed version of ES
Clone Of:
Environment:
Last Closed:	2021-02-01 15:16:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift origin-aggregated-logging pull 2039	0	None	closed	Bug 1913483: Allow project users to view root endpoint	2021-02-15 15:35:42 UTC
Red Hat Product Errata	RHBA-2021:0238	0	None	None	None	2021-02-01 15:16:20 UTC

Comment 2 Anping Li 2021-01-25 07:19:21 UTC

Verified on elasticsearch-operator.4.6.0-202101230113.p0

Comment 5 errata-xmlrpc 2021-02-01 15:16:13 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6.15 extras update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0238

Note You need to log in before you can comment on or make changes to this bug.