Consul UI ACL policy edit issue


For Consul : 1.9.5

I have a consul cluster with ACL enabled. Anonymous token is attached to a default role and it has following permissions assigned:

acl - read
operator - read
agent - read and write
services - read and write
node - read and write
kv - read and write
sessions - read and write.

The cluster is running in a default acl deny mode.

Now when i go to the consul ui and try to modify any of the acl policy … it gives following error:

There was an error saving your policy. (403: rpc error making call: permission denied)

which is a correct message, but after this if i click on cancel button and refresh the page, the change is reflected there. It should not have made any change becuase the ACL permission does not allow to modify the policy without a valid token.

Is this some sort of a UI bug ?

Can anyone reproduce this issue ?

Hi @ashwinkupatkar! Thanks for reporting this, it does indeed appear to be a bug. We’ve filed a bug internally to address it.
Thanks again!

1 Like

Thanks @kschoche . Can you please let us know when this bug gets fixed in the upcoming release ?

@kschoche is this bug resolved ? Thanks

Hi @ashwinkupatkar - Yes, this was fixed!
Here is a link to the bug in github : ui: Disabling policy form fields from users with 'read' permissions by kaxcode · Pull Request #10902 · hashicorp/consul · GitHub

1 Like