This repo contains the pipeline and BOSH manifests for deploying cloud.gov ELK implementation.
For admins to access all logs, membership in the System Organization is required.
To set up the UAA client, add the following to the CF secrets:
properties:
uaa:
clients:
kibana_oauth2_client:
secret: CHANGEME
scope: scim.userids,cloud_controller.read,openid,oauth.approvals
authorized-grant-types: refresh_token,authorization_code
redirect-uri: https://CHANGEME/login
autoapprove: true
logsearch_firehose_ingestor:
secret: CHANGEME
authorized-grant-types: client_credentials
authorities: doppler.firehose,cloud_controller.admin
override: true