You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Access to Puppetdb /metrics path requires authentication now. If puppetdb is listening only on 127.0.0.1 and you don't mind allowing unauthenticated requests retrieving your hosts' metrics then doing this is not terrible:
--- a/etc/puppetlabs/puppetdb/conf.d/auth.conf 2022-04-16 01:41:10.630544433 +1200+++ b/etc/puppetlabs/puppetdb/conf.d/auth.conf 2022-04-16 01:42:54.387643005 +1200@@ -23,13 +23,24 @@
name: "puppetlabs status service - simple"
},
{
+ # Allow puppetdashboard to access the metrics service+ match-request: {+ path: "/metrics"+ type: path+ method: get+ }+ allow-unauthenticated: true+ sort-order: 500+ name: "unauth puppetlabs puppetdb metrics for puppetdashboard"+ },+ {
# Allow nodes to access the metrics service
# for puppetdb, the metrics service is the only
# service using the authentication service
match-request: {
path: "/metrics"
type: path
- method: [get,post]+ method: post
}
allow: "*"
sort-order: 500
I am getting "You don't have the permission to access the requested resource. It is either read-protected or not readable by the server."
while checking the
puppetdb.log
, I found below error:ERROR [p.t.a.rules] Forbidden request: 127.0.0.1 access to /metrics/v2/read/puppetlabs.puppetdb.population%3Aname%3Dnum-nodes (method :get) (authenticated: false) denied by rule 'puppetlabs puppetdb metrics'.
Need help on this. I am using v6.1.0 version.
Regards
vkedar
The text was updated successfully, but these errors were encountered: