Add warn log when all ACL policies are filtered out (#15632)

This commit is contained in:
Chris S. Kim 2022-12-05 11:26:10 -05:00 committed by GitHub
parent 692a6fdecf
commit c046d1a4d8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions

View File

@ -632,6 +632,10 @@ func (r *ACLResolver) resolvePoliciesForIdentity(identity structs.ACLIdentity) (
policies = append(policies, syntheticPolicies...) policies = append(policies, syntheticPolicies...)
filtered := r.filterPoliciesByScope(policies) filtered := r.filterPoliciesByScope(policies)
if len(policies) > 0 && len(filtered) == 0 {
r.logger.Warn("ACL token used lacks permissions in this datacenter: its associated ACL policies, service identities, and/or node identities are scoped to other datacenters", "accessor_id", identity.ID(), "datacenter", r.config.Datacenter)
}
return filtered, nil return filtered, nil
} }