Ability to set up Splunk integration without list_storage_passwords permission

XMLWordPrintable

    • 1

      User Problem

      Currently, the Splunk app for Opsgenie requires a user with list_storage_passwords permissions to set up the app. This is a broad permission set that also allows that user to query any other credentials stored there (typically assigned only to admins). 

      This is not practical for most organizations as the admin role is restricted

      Suggested Solutions

      Utilize new ways of credential storage and utilize the *.meta file to allow users without list_storage_passwords to query the credentials for the Opsgenie app. 

      https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/secretstorage/

      https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/secretstorage/secretstoragerbac/#Configure-knowledge-object-based-access-to-secret-storage

      Current Workarounds

      Configure an email notification alert action instead of utilizing the app.

            Assignee:
            Unassigned
            Reporter:
            Robert
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: