Permission issue on puppetboard . #673
Labels
Comments
|
Please see #566. Do comments there help? |
|
Access to Puppetdb /metrics path requires authentication now. If puppetdb is listening only on 127.0.0.1 and you don't mind allowing unauthenticated requests retrieving your hosts' metrics then doing this is not terrible: --- a/etc/puppetlabs/puppetdb/conf.d/auth.conf 2022-04-16 01:41:10.630544433 +1200
+++ b/etc/puppetlabs/puppetdb/conf.d/auth.conf 2022-04-16 01:42:54.387643005 +1200
@@ -23,13 +23,24 @@
name: "puppetlabs status service - simple"
},
{
+ # Allow puppetdashboard to access the metrics service
+ match-request: {
+ path: "/metrics"
+ type: path
+ method: get
+ }
+ allow-unauthenticated: true
+ sort-order: 500
+ name: "unauth puppetlabs puppetdb metrics for puppetdashboard"
+ },
+ {
# Allow nodes to access the metrics service
# for puppetdb, the metrics service is the only
# service using the authentication service
match-request: {
path: "/metrics"
type: path
- method: [get,post]
+ method: post
}
allow: "*"
sort-order: 500 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am getting "You don't have the permission to access the requested resource. It is either read-protected or not readable by the server."
while checking the
puppetdb.log, I found below error:ERROR [p.t.a.rules] Forbidden request: 127.0.0.1 access to /metrics/v2/read/puppetlabs.puppetdb.population%3Aname%3Dnum-nodes (method :get) (authenticated: false) denied by rule 'puppetlabs puppetdb metrics'.Need help on this. I am using v6.1.0 version.
Regards
vkedar
The text was updated successfully, but these errors were encountered: