After upgrading from Security Analytics 10.4.x to 10.5, the permissions of roles created prior to the upgrade are missing.
Pre-upgrade: Image description
Post-upgrade: Image description
Security Analytics reads role permissions from the security-policy folder. This issue occurs because in version 10.5, the security-policy folder path is incorrectly set to /opt/rsa/jetty9/target/rsa/ when it should be /var/lib/netwintess/uax/. Due to this wrong path, the 10.4 custom permissions are not shown in the Security Analytics UI.
This issue is permanently resolved in Security Analytics 10.5.0.1.
To resolve the issue, we would need to copy the security-policy folder from /var/lib/netwintess/uax/ to /opt/rsa/jetty9/target/rsa/. The steps are:
Stop the puppet and jettysrv services.
service puppet stop
Go to the /opt/rsa/jetty9/target/rsa/ directory.
Rename security-policy folder.
mv security-policy security-policy.old
Copy the security-policy folder from /var/lib/netwintess/uax/ to the /opt/rsa/jetty9/target/rsa/ directory.