Uploaded image for project: 'PuppetDB'
  1. PuppetDB
  2. PDB-3188

puppetdb token auth documentation is vauge on what permissions needed

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PDB 4.3.1
    • Component/s: DOCS
    • Labels:
      None
    • Template:
    • Story Points:
      1

      Description

      Overview

      I want to use the token auth API to access puppetdb but our documentation is vague on what permissions are required:

      Note: The token the user is for must have the correct permissions for viewing or editting node data depending on the operation.

      What permissions/operations? We need to be specific

      Page

      https://docs.puppet.com/puppetdb/latest/api/query/curl.html#using-an-rbac-token-pe-only

      Customer impact

      • The page doesn't give enough information for customers to perform the task in-hand
      • The easiest way to figure out what permissions to use is to request them using the rbac web ui and then capture the REST requests being sent to the service, eg with firebug

      Permissions

      Capturing traffic/probing the GUI will reveal that two levels of access are available - read and write:

       
      # read permission
      {"objectType":"nodes","action":"view_data","instance":null}
       
      # write permission
      {"objectType":"nodes","action":"edit_data","instance":null}
      
      

        Attachments

          Activity

            People

            • Assignee:
              andrew.roetker AJ Roetker
              Reporter:
              geoff.williams Geoff Williams
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support