Description of problem: Non cluster admins lose access to Kibana indexes and are forced to recreate them despite previous bugzilla identified in 4.5 for this issue being fixed with https://access.redhat.com/errata/RHBA-2021:1489 Version-Release number of selected component (if applicable): 4.6.28 How reproducible: N/A Steps to Reproduce: Hit previous bug found in https://access.redhat.com/solutions/5885501 then upgrade to 4.6.28 and delete and recreate the users kibana index seems to solve the issue but after a couple of days the user permissions seem to revert back Actual results: Users permissions after being fixed eventually revert back to 2021-05-25T11:02:03,047][INFO ][c.a.o.s.p.PrivilegesEvaluator] [elasticsearch-cdm-xxxxxxx-3] No index-level perm match for User [name=xxxxxx.xxx, roles=[project_user], requestedTenant=__user__] Resolved [aliases=[*], indices=[*], allIndices=[*], types=[*], originalRequested=[], remoteIndices=[]] [Action [indices:admin/mappings/get]] [RolesChecked [project_user]] [2021-05-25T11:02:03,047][INFO ][c.a.o.s.p.PrivilegesEvaluator] [elasticsearch-cdm-8opci2yc-3] No permissions for [indices:admin/mappings/get] Expected results: User permissions should not revert and users should still be able to access there kibana indexes Additional info: Customer reportedly upgrade on May 21st and then deleted and recreated the users kibana index. They reported that it stopped working again on may 25th. So about 4 days.
Solved with https://github.com/openshift/origin-aggregated-logging/pull/2165
Verified on below CSV NAME DISPLAY VERSION REPLACES PHASE clusterlogging.4.6.0-202110190717 Cluster Logging 4.6.0-202110190717 Succeeded elasticsearch-operator.4.6.0-202110212031 OpenShift Elasticsearch Operator 4.6.0-202110212031 Succeeded non-cluster admin user is able to create index pattern in kibana and index pattern is not deleted. Manual deletion of the index pattern by the user and recreating it is also working fine. Marking Bug as QE verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6.49 extras update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:4010