vscheuber
commented
1 year ago @DannyBlazejczak thank you for reporting this issue. It appears that the new service accounts don't have the necessary privileges to create log API keys. I'm looking into this now.
My current thinking is to move the log API key generation into the frodo conn save command, where we have access to an admin session, which we use to create the service account.
DannyBlazejczak
In version 0.15.1 - the previous version that I used, the logs API keys are automatically created.
In the latest version in 0.21.1, the auto creation of the API keys fail with following error message:
npx --no-install frodo logs tail staging alpha Connected to https://openam-xxxx-staging.id.forgerock.io/am [alpha] as user xxxxxx get keys ERROR: get keys call returned AxiosError: Request failed with status code 403 TypeError: Cannot read properties of undefined (reading 'api_key_id') at FrodoCommand.<anonymous> (/Users/xxxxx/projects/workspaces/GitHub/xxxxa/infra/node_modules/@rockcarver/frodo-cli/esm/cli/logging/cli/logging/logs-tail.ts:66:36) at processTicksAndRejections (node:internal/process/task_queues:96:5)The migration of the old ~/.frodo/.frodorc to ~/.frodo/Connections.json automatically migrates those API keys into the new format. So upgrading to the new version still works for the log api keys. But creating new keys in a new environment is broken.