Max level shown: TRCE DEBG INFO WARN ERRO FATA

1			[ Nov 16 16:44:00 Disabled. ]
2			[ Nov 16 16:44:00 Rereading configuration. ]
3			[ Nov 16 16:44:14 Rereading configuration. ]
4			[ Nov 16 16:44:34 Enabled. ]
5			[ Nov 16 16:44:34 Executing start method ("ctrun -l child -o noorphan,regent /opt/oxide/nexus/bin/nexus /var/svc/manifest/site/nexus/config.toml &"). ]
6			[ Nov 16 16:44:34 Method "start" exited with status 0. ]
7			note: configured to log to "/dev/stdout"
8	2023-11-16T16:44:34.939Z	DEBG	nexus: registered DTrace probes
9	2023-11-16T16:44:34.941Z	INFO	nexus: setting up nexus server file = nexus/src/lib.rs:88
10	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Action file = nexus/db-queries/src/authz/oso_generic.rs:68
11	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = AnyActor file = nexus/db-queries/src/authz/oso_generic.rs:68
12	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = AuthenticatedActor file = nexus/db-queries/src/authz/oso_generic.rs:68
13	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Database file = nexus/db-queries/src/authz/oso_generic.rs:68
14	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = DnsConfig file = nexus/db-queries/src/authz/oso_generic.rs:68
15	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Fleet file = nexus/db-queries/src/authz/oso_generic.rs:68
16	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Inventory file = nexus/db-queries/src/authz/oso_generic.rs:68
17	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = IpPoolList file = nexus/db-queries/src/authz/oso_generic.rs:68
18	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = ConsoleSessionList file = nexus/db-queries/src/authz/oso_generic.rs:68
19	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = DeviceAuthRequestList file = nexus/db-queries/src/authz/oso_generic.rs:68
20	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SiloCertificateList file = nexus/db-queries/src/authz/oso_generic.rs:68
21	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SiloIdentityProviderList file = nexus/db-queries/src/authz/oso_generic.rs:68
22	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SiloUserList file = nexus/db-queries/src/authz/oso_generic.rs:68
23	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Project file = nexus/db-queries/src/authz/oso_generic.rs:68
24	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Disk file = nexus/db-queries/src/authz/oso_generic.rs:68
25	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Snapshot file = nexus/db-queries/src/authz/oso_generic.rs:68
26	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = ProjectImage file = nexus/db-queries/src/authz/oso_generic.rs:68
27	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Instance file = nexus/db-queries/src/authz/oso_generic.rs:68
28	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = IpPool file = nexus/db-queries/src/authz/oso_generic.rs:68
29	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = InstanceNetworkInterface file = nexus/db-queries/src/authz/oso_generic.rs:68
30	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Vpc file = nexus/db-queries/src/authz/oso_generic.rs:68
31	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = VpcRouter file = nexus/db-queries/src/authz/oso_generic.rs:68
32	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = RouterRoute file = nexus/db-queries/src/authz/oso_generic.rs:68
33	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = VpcSubnet file = nexus/db-queries/src/authz/oso_generic.rs:68
34	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Image file = nexus/db-queries/src/authz/oso_generic.rs:68
35	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SiloImage file = nexus/db-queries/src/authz/oso_generic.rs:68
36	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = AddressLot file = nexus/db-queries/src/authz/oso_generic.rs:68
37	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = LoopbackAddress file = nexus/db-queries/src/authz/oso_generic.rs:68
38	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Certificate file = nexus/db-queries/src/authz/oso_generic.rs:68
39	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = ConsoleSession file = nexus/db-queries/src/authz/oso_generic.rs:68
40	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = DeviceAuthRequest file = nexus/db-queries/src/authz/oso_generic.rs:68
41	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = DeviceAccessToken file = nexus/db-queries/src/authz/oso_generic.rs:68
42	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = PhysicalDisk file = nexus/db-queries/src/authz/oso_generic.rs:68
43	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Rack file = nexus/db-queries/src/authz/oso_generic.rs:68
44	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = RoleBuiltin file = nexus/db-queries/src/authz/oso_generic.rs:68
45	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SshKey file = nexus/db-queries/src/authz/oso_generic.rs:68
46	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Silo file = nexus/db-queries/src/authz/oso_generic.rs:68
47	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SiloUser file = nexus/db-queries/src/authz/oso_generic.rs:68
48	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SiloGroup file = nexus/db-queries/src/authz/oso_generic.rs:68
49	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = IdentityProvider file = nexus/db-queries/src/authz/oso_generic.rs:68
50	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = SamlIdentityProvider file = nexus/db-queries/src/authz/oso_generic.rs:68
51	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Sled file = nexus/db-queries/src/authz/oso_generic.rs:68
52	2023-11-16T16:44:34.951Z	INFO	nexus (ServerContext): registering Oso class class = Zpool file = nexus/db-queries/src/authz/oso_generic.rs:68
53	2023-11-16T16:44:34.952Z	INFO	nexus (ServerContext): registering Oso class class = Service file = nexus/db-queries/src/authz/oso_generic.rs:68
54	2023-11-16T16:44:34.952Z	INFO	nexus (ServerContext): registering Oso class class = UpdateArtifact file = nexus/db-queries/src/authz/oso_generic.rs:68
55	2023-11-16T16:44:34.952Z	INFO	nexus (ServerContext): registering Oso class class = UserBuiltin file = nexus/db-queries/src/authz/oso_generic.rs:68
56	2023-11-16T16:44:34.952Z	INFO	nexus (ServerContext): registering Oso class class = SystemUpdate file = nexus/db-queries/src/authz/oso_generic.rs:68
57	2023-11-16T16:44:34.952Z	INFO	nexus (ServerContext): registering Oso class class = UpdateDeployment file = nexus/db-queries/src/authz/oso_generic.rs:68
58	2023-11-16T16:44:34.952Z	INFO	nexus (ServerContext): full Oso configuration config = #\n# Oso configuration for Omicron\n# This file is augmented by generated snippets.\n#\n\n#\n# ACTOR TYPES AND BASIC RULES\n#\n\n# `AnyActor` includes both authenticated and unauthenticated users.\nactor AnyActor {}\n\n# An `AuthenticatedActor` has an identity in the system. All of our operations\n# today require that an actor be authenticated.\nactor AuthenticatedActor {}\n\n# For any resource, `actor` can perform action `action` on it if they're\n# authenticated and their role(s) give them the corresponding permission on that\n# resource.\nallow(actor: AnyActor, action: Action, resource) if\n actor.authenticated and\n has_permission(actor.authn_actor.unwrap(), action.to_perm(), resource);\n\n# Define role relationships\nhas_role(actor: AuthenticatedActor, role: String, resource: Resource)\n\tif resource.has_role(actor, role);\n\n#\n# ROLES AND PERMISSIONS IN THE FLEET/SILO/PROJECT HIERARCHY\n#\n# We define the following permissions for most resources in the system:\n#\n# - "create_child": required to create child resources (of any type)\n#\n# - "list_children": required to list child resources (of all types) of a\n# resource\n#\n# - "modify": required to modify or delete a resource\n#\n# - "read": required to read a resource\n#\n# We define the following predefined roles for only a few high-level resources:\n# the Fleet (see below), Silo, Organization, and Project. The specific roles\n# are oriented around intended use-cases:\n#\n# - "admin": has all permissions on the resource\n#\n# - "collaborator": has "read", "list_children", and "create_child", plus\n# the "admin" role for child resources. The idea is that if you're an\n# Organization Collaborator, you have full control over the Projects within\n# the Organization, but you cannot modify or delete the Organization itself.\n#\n# - "viewer": has "read" and "list_children" on a resource\n#\n# Below the Project level, permissions are granted via roles at the Project\n# level. For example, for someone to be able to create, modify, or delete any\n# Instances, they must be granted project.collaborator, which means they can\n# create, modify, or delete _all_ resources in the Project.\n#\n# The complete set of predefined roles:\n#\n# - fleet.admin (superuser for the whole system)\n# - fleet.collaborator (can manage Silos)\n# - fleet.viewer (can read most non-siloed resources in the system)\n# - silo.admin (superuser for the silo)\n# - silo.collaborator (can create and own Organizations)\n# - silo.viewer (can read most resources within the Silo)\n# - organization.admin (complete control over an organization)\n# - organization.collaborator (can manage Projects)\n# - organization.viewer (can read most resources within the Organization)\n# - project.admin (complete control over a Project)\n# - project.collaborator (can manage all resources within the Project)\n# - project.viewer (can read most resources within the Project)\n#\n# Outside the Silo/Organization/Project hierarchy, we (currently) treat most\n# resources as nested under Fleet or else a synthetic resource (see below). We\n# do not yet support role assignments on anything other than Fleet, Silo,\n# Organization, or Project.\n#\n\n# "Fleet" is a global singleton representing the whole system. The name comes\n# from the idea described in RFD 24, but it's not quite right. This probably\n# should be more like "Region" or "AvailabilityZone". The precise boundaries\n# have not yet been figured out.\nresource Fleet {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\n\troles = [\n\t # Roles that can be attached by users\n\t "admin",\n\t "collaborator",\n\t "viewer",\n\n\t # Internal-only roles\n\t "external-authenticator"\n\t];\n\n\t# Roles implied by other roles on this resource\n\t"viewer" if "collaborator";\n\t"collaborator" if "admin";\n\n\t# Permissions granted directly by roles on this resource\n\t"list_children" if "viewer";\n\t"read" if "viewer";\n\t"create_child" if "collaborator";\n\t"modify" if "admin";\n}\n\n# For fleets specifically, roles can be conferred by roles on the user's Silo.\nhas_role(actor: AuthenticatedActor, role: String, _: Fleet) if\n\tsilo_role in actor.confers_fleet_role(role) and\n\thas_role(actor, silo_role, actor.silo.unwrap());\n\nresource Silo {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\troles = [ "admin", "collaborator", "viewer" ];\n\n\t# Roles implied by other roles on this resource\n\t"viewer" if "collaborator";\n\t"collaborator" if "admin";\n\n\t# Permissions granted directly by roles on this resource\n\t"list_children" if "viewer";\n\t"read" if "viewer";\n\n\t"create_child" if "collaborator";\n\t"modify" if "admin";\n\n\t# Permissions implied by roles on this resource's parent (Fleet). Fleet\n\t# privileges allow a user to see and potentially administer the Silo,\n\t# but they do not give anyone permission to look at anything inside the\n\t# Silo. To achieve this, we use permission rules here. (If we granted\n\t# Fleet administrators _roles_ on the Silo, then those would cascade\n\t# into the Silo as well.)\n\trelations = { parent_fleet: Fleet };\n\t"read" if "viewer" on "parent_fleet";\n\t"modify" if "collaborator" on "parent_fleet";\n\n\t# external authenticator has to create silo users\n\t"list_children" if "external-authenticator" on "parent_fleet";\n\t"create_child" if "external-authenticator" on "parent_fleet";\n}\n\nhas_relation(fleet: Fleet, "parent_fleet", silo: Silo)\n\tif silo.fleet = fleet;\n\n# As a special case, all authenticated users can read their own Silo. That's\n# not quite the same as having the "viewer" role. For example, they cannot list\n# Organizations in the Silo.\n#\n# One reason this is necessary is because if an unprivileged user tries to\n# create an Organization using "POST /organizations", they should get back a 403\n# (which implies they're able to see /organizations, which is essentially seeing\n# the Silo itself) rather than a 404. This behavior isn't a hard constraint\n# (i.e., you could reasonably get a 404 for an API you're not allowed to call).\n# Nor is the implementation (i.e., we could special-case this endpoint somehow).\n# But granting this permission is the simplest way to keep this endpoint's\n# behavior consistent with the rest of the API.\n#\n# This rule is also used to determine if a user can list the identity providers\n# in the Silo (which they should be able to), since that's predicated on being\n# able to read the Silo.\n#\n# It's unclear what else would break if users couldn't see their own Silo.\nhas_permission(actor: AuthenticatedActor, "read", silo: Silo)\n\tif silo in actor.silo;\n\nresource Project {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\troles = [ "admin", "collaborator", "viewer" ];\n\n\t# Roles implied by other roles on this resource\n\t"viewer" if "collaborator";\n\t"collaborator" if "admin";\n\n\t# Permissions granted directly by roles on this resource\n\t"list_children" if "viewer";\n\t"read" if "viewer";\n\t"create_child" if "collaborator";\n\t"modify" if "admin";\n\n\t# Roles implied by roles on this resource's parent (Silo)\n\trelations = { parent_silo: Silo };\n\t"admin" if "collaborator" on "parent_silo";\n\t"viewer" if "viewer" on "parent_silo";\n}\nhas_relation(silo: Silo, "parent_silo", project: Project)\n\tif project.silo = silo;\n\n#\n# GENERAL RESOURCES OUTSIDE THE SILO/PROJECT HIERARCHY\n#\n# Many resources use snippets of Polar generated by the `authz_resource!` Rust\n# macro. Some resources require custom Polar code. Those appear here.\n#\n\nresource Certificate {\n\tpermissions = [ "read", "modify" ];\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Fleet-level and silo-level roles both grant privileges on certificates.\n\t"read" if "admin" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"read" if "admin" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", certificate: Certificate)\n\tif certificate.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", certificate: Certificate)\n\tif certificate.silo.fleet = fleet;\n\nresource SiloUser {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\n\t# Fleet and Silo administrators can manage a Silo's users. This is one\n\t# of the only areas of Silo configuration that Fleet Administrators have\n\t# permissions on.\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\t"list_children" if "read" on "parent_silo";\n\t"read" if "read" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n\t"list_children" if "read" on "parent_fleet";\n\t"read" if "read" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", user: SiloUser)\n\tif user.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", user: SiloUser)\n\tif user.silo.fleet = fleet;\n\n# authenticated actors have all permissions on themselves\nhas_permission(actor: AuthenticatedActor, _perm: String, silo_user: SiloUser)\n if actor.equals_silo_user(silo_user);\n\nhas_permission(actor: AuthenticatedActor, "read", silo_user: SiloUser)\n if silo_user.silo in actor.silo;\n\nresource SiloGroup {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "read",\n\t "create_child",\n\t];\n\n\trelations = { parent_silo: Silo };\n\t"list_children" if "read" on "parent_silo";\n\t"read" if "read" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n}\nhas_relation(silo: Silo, "parent_silo", group: SiloGroup)\n\tif group.silo = silo;\n\nresource SshKey {\n\tpermissions = [ "read", "modify" ];\n\trelations = { silo_user: SiloUser };\n\n\t"read" if "read" on "silo_user";\n\t"modify" if "modify" on "silo_user";\n}\nhas_relation(user: SiloUser, "silo_user", ssh_key: SshKey)\n\tif ssh_key.silo_user = user;\n\nresource IdentityProvider {\n\tpermissions = [\n\t "read",\n\t "modify",\n\t "create_child",\n\t "list_children",\n\t];\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Silo-level roles grant privileges on identity providers.\n\t"read" if "viewer" on "parent_silo";\n\t"list_children" if "viewer" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n\n\t# Fleet-level roles also grant privileges on identity providers.\n\t"read" if "viewer" on "parent_fleet";\n\t"list_children" if "viewer" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", identity_provider: IdentityProvider)\n\tif identity_provider.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: IdentityProvider)\n\tif collection.silo.fleet = fleet;\n\nresource SamlIdentityProvider {\n\tpermissions = [\n\t "read",\n\t "modify",\n\t "create_child",\n\t "list_children",\n\t];\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Silo-level roles grant privileges on identity providers.\n\t"read" if "viewer" on "parent_silo";\n\t"list_children" if "viewer" on "parent_silo";\n\t"modify" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_silo";\n\n\t# Fleet-level roles also grant privileges on identity providers.\n\t"read" if "viewer" on "parent_fleet";\n\t"list_children" if "viewer" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", saml_identity_provider: SamlIdentityProvider)\n\tif saml_identity_provider.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SamlIdentityProvider)\n\tif collection.silo.fleet = fleet;\n\n#\n# SYNTHETIC RESOURCES OUTSIDE THE SILO HIERARCHY\n#\n# The resources here do not correspond to anything that appears explicitly in\n# the API or is stored in the database. These are used either at the top level\n# of the API path (e.g., "/v1/system/ip-pools") or as an implementation detail of the system\n# (in the case of console sessions and "Database"). The policies are\n# either statically-defined in this file or driven by role assignments on the\n# Fleet. None of these resources defines their own roles.\n#\n\n# Describes the policy for reading and modifying DNS configuration\n# (both internal and external)\nresource DnsConfig {\n\tpermissions = [ "read", "modify" ];\n\trelations = { parent_fleet: Fleet };\n\t# "external-authenticator" requires these permissions because that's the\n\t# context that Nexus uses when creating and deleting Silos. These\n\t# operations necessarily need to read and modify DNS configuration.\n\t"read" if "external-authenticator" on "parent_fleet";\n\t"modify" if "external-authenticator" on "parent_fleet";\n\t# "admin" on the parent fleet also gets these permissions, primarily for\n\t# the test suite.\n\t"read" if "admin" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", dns_config: DnsConfig)\n\tif dns_config.fleet = fleet;\n\n# Describes the policy for reading and modifying low-level inventory\nresource Inventory {\n\tpermissions = [ "read", "modify" ];\n\trelations = { parent_fleet: Fleet };\n\t"read" if "viewer" on "parent_fleet";\n\t"modify" if "admin" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", inventory: Inventory)\n\tif inventory.fleet = fleet;\n\n# Describes the policy for accessing "/v1/system/ip-pools" in the API\nresource IpPoolList {\n\tpermissions = [\n\t "list_children",\n\t "modify",\n\t "create_child",\n\t];\n\n\t# Fleet Administrators can create or modify the IP Pools list.\n\trelations = { parent_fleet: Fleet };\n\t"modify" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n\n\t# Fleet Viewers can list IP Pools\n\t"list_children" if "viewer" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", ip_pool_list: IpPoolList)\n\tif ip_pool_list.fleet = fleet;\n\n# Any authenticated user can create a child of a provided IP Pool.\n# This is necessary to use the pools when provisioning instances.\nhas_permission(actor: AuthenticatedActor, "create_child", ip_pool: IpPool)\n\tif silo in actor.silo and silo.fleet = ip_pool.fleet;\n\n# Describes the policy for creating and managing web console sessions.\nresource ConsoleSessionList {\n\tpermissions = [ "create_child" ];\n\trelations = { parent_fleet: Fleet };\n\t"create_child" if "external-authenticator" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", collection: ConsoleSessionList)\n\tif collection.fleet = fleet;\n\n# Describes the policy for creating and managing device authorization requests.\nresource DeviceAuthRequestList {\n\tpermissions = [ "create_child" ];\n\trelations = { parent_fleet: Fleet };\n\t"create_child" if "external-authenticator" on "parent_fleet";\n}\nhas_relation(fleet: Fleet, "parent_fleet", collection: DeviceAuthRequestList)\n\tif collection.fleet = fleet;\n\n# Describes the policy for creating and managing Silo certificates\nresource SiloCertificateList {\n\tpermissions = [ "list_children", "create_child" ];\n\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Both Fleet and Silo administrators can see and modify the Silo's\n\t# certificates.\n\t"list_children" if "admin" on "parent_silo";\n\t"list_children" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", collection: SiloCertificateList)\n\tif collection.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SiloCertificateList)\n\tif collection.silo.fleet = fleet;\n\n# Describes the policy for creating and managing Silo identity providers\nresource SiloIdentityProviderList {\n\tpermissions = [ "list_children", "create_child" ];\n\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Everyone who can read the Silo (which includes all the users in the\n\t# Silo) can see the identity providers in it.\n\t"list_children" if "read" on "parent_silo";\n\n\t# Fleet and Silo administrators can manage the Silo's identity provider\n\t# configuration. This is one of the only areas of Silo configuration\n\t# that Fleet Administrators have permissions on. This is also one of\n\t# the only cases where we need to look two levels up the hierarchy to\n\t# see if somebody has the right permission. For most other things,\n\t# permissions cascade down the hierarchy so we only need to look at the\n\t# parent.\n\t"create_child" if "admin" on "parent_silo";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", collection: SiloIdentityProviderList)\n\tif collection.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SiloIdentityProviderList)\n\tif collection.silo.fleet = fleet;\n\n# Describes the policy for creating and managing Silo users (mostly intended for\n# API-managed users)\nresource SiloUserList {\n\tpermissions = [ "list_children", "create_child" ];\n\n\trelations = { parent_silo: Silo, parent_fleet: Fleet };\n\n\t# Everyone who can read the Silo (which includes all the users in the\n\t# Silo) can see the users in it.\n\t"list_children" if "read" on "parent_silo";\n\n\t# Fleet and Silo administrators can manage the Silo's users. This is\n\t# one of the only areas of Silo configuration that Fleet Administrators\n\t# have permissions on. This is also one of the few cases (so far) where\n\t# we need to look two levels up the hierarchy to see if somebody has the\n\t# right permission. For most other things, permissions cascade down the\n\t# hierarchy so we only need to look at the parent.\n\t"create_child" if "admin" on "parent_silo";\n\t"list_children" if "admin" on "parent_fleet";\n\t"create_child" if "admin" on "parent_fleet";\n}\nhas_relation(silo: Silo, "parent_silo", collection: SiloUserList)\n\tif collection.silo = silo;\nhas_relation(fleet: Fleet, "parent_fleet", collection: SiloUserList)\n\tif collection.silo.fleet = fleet;\n\n# These rules grants the external authenticator role the permissions it needs to\n# read silo users and modify their sessions. This is necessary for login to\n# work.\nhas_permission(actor: AuthenticatedActor, "read", silo: Silo)\n\tif has_role(actor, "external-authenticator", silo.fleet);\nhas_permission(actor: AuthenticatedActor, "read", user: SiloUser)\n\tif has_role(actor, "external-authenticator", user.silo.fleet);\nhas_permission(actor: AuthenticatedActor, "modify", user: SiloUser)\n\tif has_role(actor, "external-authenticator", user.silo.fleet);\nhas_permission(actor: AuthenticatedActor, "read", group: SiloGroup)\n\tif has_role(actor, "external-authenticator", group.silo.fleet);\nhas_permission(actor: AuthenticatedActor, "modify", group: SiloGroup)\n\tif has_role(actor, "external-authenticator", group.silo.fleet);\n\nhas_permission(actor: AuthenticatedActor, "read", session: ConsoleSession)\n\tif has_role(actor, "external-authenticator", session.fleet);\nhas_permission(actor: AuthenticatedActor, "modify", session: ConsoleSession)\n\tif has_role(actor, "external-authenticator", session.fleet);\n\n# All authenticated users can read and delete device authn requests because\n# by necessity these operations happen before we've figured out what user (or\n# even Silo) the device auth is associated with. Any user can claim a device\n# auth request with the right user code (that's how it works) -- it's the user\n# code and associated logic that prevents unauthorized access here.\nhas_permission(_actor: AuthenticatedActor, "read", _device_auth: DeviceAuthRequest);\nhas_permission(_actor: AuthenticatedActor, "modify", _device_auth: DeviceAuthRequest);\n\nhas_permission(actor: AuthenticatedActor, "read", device_token: DeviceAccessToken)\n\tif has_role(actor, "external-authenticator", device_token.fleet);\n\nhas_permission(actor: AuthenticatedActor, "read", identity_provider: IdentityProvider)\n\tif has_role(actor, "external-authenticator", identity_provider.silo.fleet);\n\nhas_permission(actor: AuthenticatedActor, "read", saml_identity_provider: SamlIdentityProvider)\n\tif has_role(actor, "external-authenticator", saml_identity_provider.silo.fleet);\n\n# Describes the policy for who can access the internal database.\nresource Database {\n\tpermissions = [\n\t # "query" is required to perform any query against the database,\n\t # whether a read or write query. This is checked when an operation\n\t # checks out a database connection from the connection pool.\n\t #\n\t # Any authenticated user gets this permission. There's generally\n\t # some other authz check involved in the database query. For\n\t # example, if you're querying the database to "read" a "Project", we\n\t # should also be checking that. So why do we do this at all? It's\n\t # a belt-and-suspenders measure so that if we somehow introduced an\n\t # unauthenticated code path that hits the database, it cannot be\n\t # used to DoS the database because we won't allow the operation to\n\t # make the query. (As long as the code path _is_ authenticated, we\n\t # can use throttling mechanisms to prevent DoS.)\n\t "query",\n\n\t # "modify" is required to populate database data that's delivered\n\t # with the system. It should also be required for schema changes,\n\t # when we support those. This is separate from "query" so that we\n\t # cannot accidentally invoke these code paths from API calls and\n\t # other general functions.\n\t "modify"\n\t];\n}\n\n# All authenticated users have the "query" permission on the database.\nhas_permission(_actor: AuthenticatedActor, "query", _resource: Database);\n\n# The "db-init" user is the only one with the "modify" permission.\nhas_permission(USER_DB_INIT: AuthenticatedActor, "modify", _resource: Database);\nhas_permission(USER_DB_INIT: AuthenticatedActor, "create_child", _resource: IpPoolList);\n# It also has "admin" on the internal silo to populate it with built-in resources.\n# TODO-completeness: actually limit to just internal silo and not all silos\nhas_role(USER_DB_INIT: AuthenticatedActor, "admin", _silo: Silo);\n\n# Allow the internal API admin permissions on all silos.\nhas_role(USER_INTERNAL_API: AuthenticatedActor, "admin", _silo: Silo);\n\n\n\n resource Disk {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Disk)\n if child.project = parent;\n \n\n resource Snapshot {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Snapshot)\n if child.project = parent;\n \n\n resource ProjectImage {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: ProjectImage)\n if child.project = parent;\n \n\n resource Instance {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Instance)\n if child.project = parent;\n \n\n resource IpPool {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: IpPool)\n if child.fleet = fleet;\n \n\n resource InstanceNetworkInterface {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: Instance\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: InstanceNetworkInterface)\n if has_relation(project, "containing_project", child.instance);\n\n has_relation(parent: Instance, "parent", child: InstanceNetworkInterface)\n if child.instance = parent;\n \n\n resource Vpc {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_project: Project };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(parent: Project, "containing_project", child: Vpc)\n if child.project = parent;\n \n\n resource VpcRouter {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: Vpc\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: VpcRouter)\n if has_relation(project, "containing_project", child.vpc);\n\n has_relation(parent: Vpc, "parent", child: VpcRouter)\n if child.vpc = parent;\n \n\n resource RouterRoute {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: VpcRouter\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: RouterRoute)\n if has_relation(project, "containing_project", child.vpc_router);\n\n has_relation(parent: VpcRouter, "parent", child: RouterRoute)\n if child.vpc_router = parent;\n \n\n resource VpcSubnet {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = {\n containing_project: Project,\n parent: Vpc\n };\n "list_children" if "viewer" on "containing_project";\n "read" if "viewer" on "containing_project";\n "modify" if "collaborator" on "containing_project";\n "create_child" if "collaborator" on "containing_project";\n }\n\n has_relation(project: Project, "containing_project", child: VpcSubnet)\n if has_relation(project, "containing_project", child.vpc);\n\n has_relation(parent: Vpc, "parent", child: VpcSubnet)\n if child.vpc = parent;\n \n\n resource Image {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_silo: Silo };\n "list_children" if "viewer" on "containing_silo";\n "read" if "viewer" on "containing_silo";\n "modify" if "collaborator" on "containing_silo";\n "create_child" if "collaborator" on "containing_silo";\n }\n\n has_relation(parent: Silo, "containing_silo", child: Image)\n if child.silo = parent;\n \n\n resource SiloImage {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n\n relations = { containing_silo: Silo };\n "list_children" if "viewer" on "containing_silo";\n "read" if "viewer" on "containing_silo";\n "modify" if "collaborator" on "containing_silo";\n "create_child" if "collaborator" on "containing_silo";\n }\n\n has_relation(parent: Silo, "containing_silo", child: SiloImage)\n if child.silo = parent;\n \n\n resource AddressLot {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: AddressLot)\n if child.fleet = fleet;\n \n\n resource LoopbackAddress {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: LoopbackAddress)\n if child.fleet = fleet;\n \n\n\n resource ConsoleSession {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: ConsoleSession)\n if child.fleet = fleet;\n \n\n resource DeviceAuthRequest {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: DeviceAuthRequest)\n if child.fleet = fleet;\n \n\n resource DeviceAccessToken {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: DeviceAccessToken)\n if child.fleet = fleet;\n \n\n resource PhysicalDisk {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: PhysicalDisk)\n if child.fleet = fleet;\n \n\n resource Rack {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Rack)\n if child.fleet = fleet;\n \n\n resource RoleBuiltin {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: RoleBuiltin)\n if child.fleet = fleet;\n \n\n\n\n\n\n\n\n resource Sled {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Sled)\n if child.fleet = fleet;\n \n\n resource Zpool {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Zpool)\n if child.fleet = fleet;\n \n\n resource Service {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: Service)\n if child.fleet = fleet;\n \n\n resource UpdateArtifact {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: UpdateArtifact)\n if child.fleet = fleet;\n \n\n resource UserBuiltin {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: UserBuiltin)\n if child.fleet = fleet;\n \n\n resource SystemUpdate {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: SystemUpdate)\n if child.fleet = fleet;\n \n\n resource UpdateDeployment {\n permissions = [\n "list_children",\n "modify",\n "read",\n "create_child",\n ];\n \n relations = { parent_fleet: Fleet };\n "list_children" if "viewer" on "parent_fleet";\n "read" if "viewer" on "parent_fleet";\n "modify" if "admin" on "parent_fleet";\n "create_child" if "admin" on "parent_fleet";\n }\n has_relation(fleet: Fleet, "parent_fleet", child: UpdateDeployment)\n if child.fleet = fleet;\n file = nexus/db-queries/src/authz/oso_generic.rs:89
59	2023-11-16T16:44:34.965Z	INFO	nexus (ServerContext): Setting up resolver using DNS servers for subnet: Ipv6Subnet { net: Ipv6Net(Ipv6Network { addr: fd00:1122:3344::, prefix: 48 }) } file = nexus/src/context.rs:142
60	2023-11-16T16:44:34.967Z	INFO	nexus (DnsResolver): new DNS resolver addresses = [[fd00:1122:3344:1::1]:53, [fd00:1122:3344:2::1]:53, [fd00:1122:3344:3::1]:53, [fd00:1122:3344:4::1]:53, [fd00:1122:3344:5::1]:53] file = internal-dns/src/resolver.rs:60
61	2023-11-16T16:44:34.968Z	INFO	nexus (ServerContext): Accessing DB url from DNS file = nexus/src/context.rs:171
62	2023-11-16T16:44:34.976Z	DEBG	nexus (DnsResolver): lookup_all_socket_v6 srv dns_name = _cockroach._tcp.control-plane.oxide.internal response = SrvLookup(Lookup { query: Query { name: Name("_cockroach._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("348a1ef3-a73a-4c76-be1f-4381eae21a4a.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("9dae3121-eed4-40e0-8010-e740eab05c67.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("b3575ba2-6ef2-4d19-bb6a-662e8f854d74.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("c0b8c479-e04e-4abe-ac1a-03e6aa7929cc.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("_cockroach._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 32221, target: Name("dfe696c3-b56e-4518-8b2f-b8fe03ad2e8b.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dfe696c3-b56e-4518-8b2f-b8fe03ad2e8b.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::3)) }], valid_until: Instant { tv_sec: 7194, tv_nsec: 686738275 } })
63	2023-11-16T16:44:34.978Z	INFO	nexus (ServerContext): DB addresses: [fd00:1122:3344:101::5]:32221,[fd00:1122:3344:101::7]:32221,[fd00:1122:3344:101::6]:32221,[fd00:1122:3344:101::4]:32221,[fd00:1122:3344:101::3]:32221 file = nexus/src/context.rs:201
64	2023-11-16T16:44:34.978Z	INFO	nexus (db::Pool): database connection pool database_url = postgresql://root@[fd00:1122:3344:101::5]:32221,[fd00:1122:3344:101::7]:32221,[fd00:1122:3344:101::6]:32221,[fd00:1122:3344:101::4]:32221,[fd00:1122:3344:101::3]:32221/omicron?sslmode=disable file = nexus/db-queries/src/db/pool.rs:75
65	2023-11-16T16:44:34.994Z	INFO	nexus: Compatible database schema: 10.0.0 file = nexus/db-queries/src/db/datastore/db_metadata.rs:110
66	2023-11-16T16:44:34.996Z	INFO	nexus (SEC): SEC running file = /home/build/.cargo/registry/src/index.crates.io-6f17d22bba15001f/steno-0.4.0/src/sec.rs:811 sec_id = 54ec747e-1485-4343-b58a-a1f26532aae3
67	2023-11-16T16:44:34.996Z	DEBG	nexus (DnsResolver): lookup_all_ipv6 srv dns_name = _dendrite._tcp.control-plane.oxide.internal response = SrvLookup(Lookup { query: Query { name: Name("_dendrite._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_dendrite._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12224, target: Name("dendrite-b8831f08-3582-4024-b531-d56889de7232.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-b8831f08-3582-4024-b531-d56889de7232.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 7194, tv_nsec: 707958467 } })
68	2023-11-16T16:44:34.997Z	INFO	nexus (Nexus): Determining switch slots managed by switch zones file = nexus/src/app/mod.rs:847
69	2023-11-16T16:44:35.062Z	INFO	nexus (Nexus): determining switch slot managed by dendrite zone file = nexus/src/app/mod.rs:855 zone_address = fd00:1122:3344:101::2
70	2023-11-16T16:44:35.062Z	DEBG	nexus (MgsClient): client request body = None method = GET uri = http://[fd00:1122:3344:101::2]:12225/local/switch-id
71	2023-11-16T16:44:35.064Z	DEBG	nexus (MgsClient): client response result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/local/switch-id", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "34db25f6-9763-4f7e-bcd5-8bb0089aa09e", "content-length": "26", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
72	2023-11-16T16:44:35.065Z	INFO	nexus (Nexus): identified switch slot for dendrite zone file = nexus/src/app/mod.rs:860 slot = SpIdentifier {\n slot: 0,\n type_: Switch,\n} zone_address = fd00:1122:3344:101::2
73	2023-11-16T16:44:35.066Z	INFO	nexus (Nexus): completed mapping dendrite zones to switch slots file = nexus/src/app/mod.rs:892 mappings = {\n Switch0: fd00:1122:3344:101::2,\n}
74	2023-11-16T16:44:35.098Z	DEBG	nexus (DnsResolver): lookup_all_ipv6 srv dns_name = _dendrite._tcp.control-plane.oxide.internal response = SrvLookup(Lookup { query: Query { name: Name("_dendrite._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_dendrite._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12224, target: Name("dendrite-b8831f08-3582-4024-b531-d56889de7232.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-b8831f08-3582-4024-b531-d56889de7232.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 7194, tv_nsec: 809183176 } })
75	2023-11-16T16:44:35.098Z	INFO	nexus (Nexus): Determining switch slots managed by switch zones file = nexus/src/app/mod.rs:847
76	2023-11-16T16:44:35.133Z	INFO	nexus (Nexus): determining switch slot managed by dendrite zone file = nexus/src/app/mod.rs:855 zone_address = fd00:1122:3344:101::2
77	2023-11-16T16:44:35.133Z	DEBG	nexus (MgsClient): client request body = None method = GET uri = http://[fd00:1122:3344:101::2]:12225/local/switch-id
78	2023-11-16T16:44:35.133Z	DEBG	nexus (MgsClient): client response result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/local/switch-id", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "fab6be68-92d4-4b46-b299-36e91020ca4e", "content-length": "26", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
79	2023-11-16T16:44:35.134Z	INFO	nexus (Nexus): identified switch slot for dendrite zone file = nexus/src/app/mod.rs:860 slot = SpIdentifier {\n slot: 0,\n type_: Switch,\n} zone_address = fd00:1122:3344:101::2
80	2023-11-16T16:44:35.134Z	INFO	nexus (Nexus): completed mapping dendrite zones to switch slots file = nexus/src/app/mod.rs:892 mappings = {\n Switch0: fd00:1122:3344:101::2,\n}
81	2023-11-16T16:44:35.174Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
82	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_config_external dns_group = external iteration = 1 reason = Timeout
83	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_propagation_internal dns_group = internal iteration = 1 reason = Timeout
84	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_config_internal dns_group = internal iteration = 1 reason = Timeout
85	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_servers_internal dns_group = internal iteration = 1 reason = Timeout
86	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_servers_external dns_group = external iteration = 1 reason = Timeout
87	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_propagation_external dns_group = external iteration = 1 reason = Timeout
88	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = inventory_collection iteration = 1 reason = Timeout
89	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activating background_task = external_endpoints iteration = 1 reason = Timeout
90	2023-11-16T16:44:35.177Z	WARN	nexus (BackgroundTasks): DNS propagation: skipped background_task = dns_propagation_internal dns_group = internal file = nexus/src/app/background/dns_propagation.rs:65 reason = no config nor servers
91	2023-11-16T16:44:35.177Z	WARN	nexus (BackgroundTasks): DNS propagation: skipped background_task = dns_propagation_external dns_group = external file = nexus/src/app/background/dns_propagation.rs:65 reason = no config nor servers
92	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_propagation_internal dns_group = internal elapsed = 452.493\u{b5}s iteration = 1
93	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_propagation_external dns_group = external elapsed = 460.183\u{b5}s iteration = 1
94	2023-11-16T16:44:35.177Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {} }
95	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): reading DNS version background_task = dns_config_internal dns_group = internal
96	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): reading DNS version background_task = dns_config_external dns_group = external
97	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_internal dns_group = internal roles = RoleSet { roles: {} }
98	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_external dns_group = external roles = RoleSet { roles: {} }
99	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_external dns_group = external roles = RoleSet { roles: {} }
100	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_internal dns_group = internal roles = RoleSet { roles: {} }
101	2023-11-16T16:44:35.178Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {} }
102	2023-11-16T16:44:35.180Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
103	2023-11-16T16:44:35.180Z	DEBG	nexus (DataLoader): attempting to create built-in users
104	2023-11-16T16:44:35.180Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
105	2023-11-16T16:44:35.181Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Database result = Ok(())
106	2023-11-16T16:44:35.181Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_external dns_group = external resource = Database result = Ok(())
107	2023-11-16T16:44:35.181Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
108	2023-11-16T16:44:35.182Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Database result = Ok(())
109	2023-11-16T16:44:35.182Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_external dns_group = external resource = Database result = Ok(())
110	2023-11-16T16:44:35.183Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_internal dns_group = internal resource = Database result = Ok(())
111	2023-11-16T16:44:35.183Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_internal dns_group = internal resource = Database result = Ok(())
112	2023-11-16T16:44:35.183Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_external dns_group = external roles = RoleSet { roles: {} }
113	2023-11-16T16:44:35.184Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_external dns_group = external resource = Database result = Ok(())
114	2023-11-16T16:44:35.184Z	INFO	nexus (SagaRecoverer): start saga recovery file = nexus/db-queries/src/db/saga_recovery.rs:77
115	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = GET path = /artifacts/{kind}/{name}/{version}
116	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = GET path = /bgtasks
117	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = GET path = /bgtasks/{bgtask_name}
118	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = POST path = /disk/{disk_id}/remove-read-only-parent
119	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = PUT path = /disks/{disk_id}
120	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = PUT path = /instances/{instance_id}
121	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = GET path = /metrics/collect/{producer_id}
122	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = POST path = /metrics/collectors
123	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = POST path = /metrics/producers
124	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = DELETE path = /physical-disk
125	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = PUT path = /physical-disk
126	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = PUT path = /racks/{rack_id}/initialization-complete
127	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = GET path = /sagas
128	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = GET path = /sagas/{saga_id}
129	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = POST path = /sled-agents/{sled_id}
130	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = PUT path = /sled-agents/{sled_id}/zpools/{zpool_id}
131	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = PUT path = /switch/{switch_id}
132	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): registered endpoint local_addr = [fd00:1122:3344:101::a]:12221 method = POST path = /volume/{volume_id}/remove-read-only-parent
133	2023-11-16T16:44:35.190Z	INFO	nexus (dropshot_internal): listening file = /home/build/.cargo/git/checkouts/dropshot-a4a923d29dccc492/ff87a01/dropshot/src/server.rs:195 local_addr = [fd00:1122:3344:101::a]:12221
134	2023-11-16T16:44:35.190Z	DEBG	nexus (dropshot_internal): successfully registered DTrace USDT probes local_addr = [fd00:1122:3344:101::a]:12221
135	2023-11-16T16:44:35.190Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
136	2023-11-16T16:44:35.193Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
137	2023-11-16T16:44:35.200Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_internal dns_group = internal roles = RoleSet { roles: {} }
138	2023-11-16T16:44:35.200Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_internal dns_group = internal resource = Database result = Ok(())
139	2023-11-16T16:44:35.207Z	INFO	nexus (DataLoader): created 5 built-in users file = nexus/db-queries/src/db/datastore/silo_user.rs:394
140	2023-11-16T16:44:35.207Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
141	2023-11-16T16:44:35.208Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
142	2023-11-16T16:44:35.208Z	DEBG	nexus (DataLoader): attempting to create built-in roles
143	2023-11-16T16:44:35.208Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
144	2023-11-16T16:44:35.208Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
145	2023-11-16T16:44:35.214Z	WARN	nexus: Cannot look up rack: Object (of type ById(0b31008b-c9a5-401c-bb0b-8c7157b38140)) not found: rack file = nexus/src/app/rack.rs:567
146	2023-11-16T16:44:35.225Z	INFO	nexus (DataLoader): created 10 built-in roles file = nexus/db-queries/src/db/datastore/role.rs:87
147	2023-11-16T16:44:35.225Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
148	2023-11-16T16:44:35.226Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
149	2023-11-16T16:44:35.226Z	DEBG	nexus (DataLoader): attempting to create built-in role assignments
150	2023-11-16T16:44:35.226Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
151	2023-11-16T16:44:35.226Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
152	2023-11-16T16:44:35.258Z	INFO	nexus (SagaRecoverer): listed sagas (0 total) file = nexus/db-queries/src/db/saga_recovery.rs:113
153	2023-11-16T16:44:35.261Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {} }
154	2023-11-16T16:44:35.261Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_external dns_group = external roles = RoleSet { roles: {} }
155	2023-11-16T16:44:35.261Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_internal dns_group = internal roles = RoleSet { roles: {} }
156	2023-11-16T16:44:35.261Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_internal dns_group = internal roles = RoleSet { roles: {} }
157	2023-11-16T16:44:35.261Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {} }
158	2023-11-16T16:44:35.261Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_external dns_group = external roles = RoleSet { roles: {} }
159	2023-11-16T16:44:35.265Z	DEBG	nexus (BackgroundTasks): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Inventory result = Err(Forbidden)
160	2023-11-16T16:44:35.265Z	WARN	nexus (BackgroundTasks): inventory collection failed background_task = inventory_collection error = failed to collect inventory: pruning old collections: Forbidden file = nexus/src/app/background/inventory_collection.rs:69
161	2023-11-16T16:44:35.265Z	DEBG	nexus (BackgroundTasks): activation complete background_task = inventory_collection elapsed = 88.864209ms iteration = 1
162	2023-11-16T16:44:35.267Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_internal dns_group = internal resource = Fleet result = Err(Forbidden)
163	2023-11-16T16:44:35.267Z	WARN	nexus (BackgroundTasks): failed to read list of DNS servers background_task = dns_servers_internal dns_group = internal error = Forbidden file = nexus/src/app/background/dns_servers.rs:102
164	2023-11-16T16:44:35.267Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_servers_internal dns_group = internal elapsed = 91.111961ms iteration = 1
165	2023-11-16T16:44:35.267Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_external dns_group = external resource = Fleet result = Err(Forbidden)
166	2023-11-16T16:44:35.267Z	WARN	nexus (BackgroundTasks): failed to read list of DNS servers background_task = dns_servers_external dns_group = external error = Forbidden file = nexus/src/app/background/dns_servers.rs:102
167	2023-11-16T16:44:35.267Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_servers_external dns_group = external elapsed = 91.129281ms iteration = 1
168	2023-11-16T16:44:35.268Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_internal dns_group = internal resource = DnsConfig result = Err(Forbidden)
169	2023-11-16T16:44:35.268Z	WARN	nexus (BackgroundTasks): failed to read DNS config background_task = dns_config_internal dns_group = internal error = Forbidden file = nexus/src/app/background/dns_config.rs:76
170	2023-11-16T16:44:35.268Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_config_internal dns_group = internal elapsed = 91.395913ms iteration = 1
171	2023-11-16T16:44:35.268Z	INFO	nexus (DataLoader): created 4 built-in role assignments file = nexus/db-queries/src/db/datastore/role.rs:116
172	2023-11-16T16:44:35.268Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
173	2023-11-16T16:44:35.268Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_external dns_group = external resource = DnsConfig result = Err(Forbidden)
174	2023-11-16T16:44:35.268Z	WARN	nexus (BackgroundTasks): failed to read DNS config background_task = dns_config_external dns_group = external error = Forbidden file = nexus/src/app/background/dns_config.rs:76
175	2023-11-16T16:44:35.268Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_config_external dns_group = external elapsed = 91.723434ms iteration = 1
176	2023-11-16T16:44:35.269Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
177	2023-11-16T16:44:35.269Z	DEBG	nexus (DataLoader): attempting to create built-in silos
178	2023-11-16T16:44:35.269Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
179	2023-11-16T16:44:35.270Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
180	2023-11-16T16:44:35.270Z	DEBG	nexus (BackgroundTasks): authorize result action = ListChildren actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Fleet result = Err(Forbidden)
181	2023-11-16T16:44:35.270Z	WARN	nexus (BackgroundTasks): failed to read Silo/DNS/TLS configuration background_task = external_endpoints error = Forbidden file = nexus/src/app/background/external_endpoints.rs:59
182	2023-11-16T16:44:35.270Z	DEBG	nexus (BackgroundTasks): activation complete background_task = external_endpoints elapsed = 93.367944ms iteration = 1
183	2023-11-16T16:44:35.338Z	INFO	nexus (DataLoader): created 2 built-in silos file = nexus/db-queries/src/db/datastore/silo.rs:70
184	2023-11-16T16:44:35.338Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
185	2023-11-16T16:44:35.339Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
186	2023-11-16T16:44:35.344Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
187	2023-11-16T16:44:35.345Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
188	2023-11-16T16:44:35.345Z	DEBG	nexus (DataLoader): attempting to create built-in projects
189	2023-11-16T16:44:35.345Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
190	2023-11-16T16:44:35.346Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
191	2023-11-16T16:44:35.350Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
192	2023-11-16T16:44:35.350Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
193	2023-11-16T16:44:35.352Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
194	2023-11-16T16:44:35.352Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
195	2023-11-16T16:44:35.354Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
196	2023-11-16T16:44:35.355Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) } result = Ok(())
197	2023-11-16T16:44:35.355Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
198	2023-11-16T16:44:35.355Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
199	2023-11-16T16:44:35.357Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
200	2023-11-16T16:44:35.357Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
201	2023-11-16T16:44:35.359Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
202	2023-11-16T16:44:35.360Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) } result = Ok(())
203	2023-11-16T16:44:35.360Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
204	2023-11-16T16:44:35.361Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
205	2023-11-16T16:44:35.378Z	INFO	nexus (DataLoader): created built-in services project file = nexus/db-queries/src/db/datastore/project.rs:122
206	2023-11-16T16:44:35.378Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
207	2023-11-16T16:44:35.379Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
208	2023-11-16T16:44:35.379Z	DEBG	nexus (DataLoader): attempting to create built-in VPCs
209	2023-11-16T16:44:35.379Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
210	2023-11-16T16:44:35.379Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
211	2023-11-16T16:44:35.386Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
212	2023-11-16T16:44:35.387Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
213	2023-11-16T16:44:35.388Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
214	2023-11-16T16:44:35.388Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
215	2023-11-16T16:44:35.417Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
216	2023-11-16T16:44:35.418Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
217	2023-11-16T16:44:35.419Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
218	2023-11-16T16:44:35.419Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
219	2023-11-16T16:44:35.420Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
220	2023-11-16T16:44:35.423Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) } result = Ok(())
221	2023-11-16T16:44:35.423Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
222	2023-11-16T16:44:35.423Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
223	2023-11-16T16:44:35.424Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
224	2023-11-16T16:44:35.424Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
225	2023-11-16T16:44:35.426Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
226	2023-11-16T16:44:35.426Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
227	2023-11-16T16:44:35.427Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
228	2023-11-16T16:44:35.429Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) } result = Ok(())
229	2023-11-16T16:44:35.429Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
230	2023-11-16T16:44:35.430Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
231	2023-11-16T16:44:35.443Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
232	2023-11-16T16:44:35.443Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
233	2023-11-16T16:44:35.450Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
234	2023-11-16T16:44:35.450Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
235	2023-11-16T16:44:35.452Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
236	2023-11-16T16:44:35.452Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
237	2023-11-16T16:44:35.480Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
238	2023-11-16T16:44:35.480Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
239	2023-11-16T16:44:35.481Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
240	2023-11-16T16:44:35.484Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") } result = Ok(())
241	2023-11-16T16:44:35.484Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
242	2023-11-16T16:44:35.484Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
243	2023-11-16T16:44:35.527Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
244	2023-11-16T16:44:35.527Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
245	2023-11-16T16:44:35.528Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
246	2023-11-16T16:44:35.528Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
247	2023-11-16T16:44:35.530Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
248	2023-11-16T16:44:35.530Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
249	2023-11-16T16:44:35.531Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
250	2023-11-16T16:44:35.535Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = VpcRouter { parent: Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ByName("oxide-services") }, key: 001de000-074c-4000-8000-000000000001, lookup_type: ById(001de000-074c-4000-8000-000000000001) } result = Ok(())
251	2023-11-16T16:44:35.535Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
252	2023-11-16T16:44:35.535Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
253	2023-11-16T16:44:35.579Z	DEBG	nexus (DataLoader): attempting to create built-in VPC firewall rules
254	2023-11-16T16:44:35.579Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
255	2023-11-16T16:44:35.579Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
256	2023-11-16T16:44:35.581Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
257	2023-11-16T16:44:35.581Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
258	2023-11-16T16:44:35.582Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
259	2023-11-16T16:44:35.583Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
260	2023-11-16T16:44:35.585Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
261	2023-11-16T16:44:35.585Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
262	2023-11-16T16:44:35.586Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
263	2023-11-16T16:44:35.586Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
264	2023-11-16T16:44:35.588Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
265	2023-11-16T16:44:35.588Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
266	2023-11-16T16:44:35.589Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
267	2023-11-16T16:44:35.592Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
268	2023-11-16T16:44:35.592Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
269	2023-11-16T16:44:35.593Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
270	2023-11-16T16:44:35.594Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
271	2023-11-16T16:44:35.594Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
272	2023-11-16T16:44:35.595Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
273	2023-11-16T16:44:35.596Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
274	2023-11-16T16:44:35.597Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
275	2023-11-16T16:44:35.600Z	DEBG	nexus (DataLoader): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
276	2023-11-16T16:44:35.600Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
277	2023-11-16T16:44:35.600Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
278	2023-11-16T16:44:35.603Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
279	2023-11-16T16:44:35.603Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
280	2023-11-16T16:44:35.604Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
281	2023-11-16T16:44:35.604Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
282	2023-11-16T16:44:35.632Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
283	2023-11-16T16:44:35.633Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
284	2023-11-16T16:44:35.634Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
285	2023-11-16T16:44:35.637Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
286	2023-11-16T16:44:35.637Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
287	2023-11-16T16:44:35.637Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
288	2023-11-16T16:44:35.729Z	INFO	nexus (DataLoader): created built-in VPC firewall rules file = nexus/db-queries/src/db/datastore/vpc.rs:219
289	2023-11-16T16:44:35.729Z	DEBG	nexus (DataLoader): attempting to create built-in VPC Subnets
290	2023-11-16T16:44:35.729Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
291	2023-11-16T16:44:35.729Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
292	2023-11-16T16:44:35.738Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
293	2023-11-16T16:44:35.739Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
294	2023-11-16T16:44:35.740Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
295	2023-11-16T16:44:35.740Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
296	2023-11-16T16:44:35.742Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
297	2023-11-16T16:44:35.742Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
298	2023-11-16T16:44:35.743Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
299	2023-11-16T16:44:35.743Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
300	2023-11-16T16:44:35.744Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
301	2023-11-16T16:44:35.745Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
302	2023-11-16T16:44:35.746Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
303	2023-11-16T16:44:35.749Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
304	2023-11-16T16:44:35.749Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
305	2023-11-16T16:44:35.749Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
306	2023-11-16T16:44:35.755Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
307	2023-11-16T16:44:35.756Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
308	2023-11-16T16:44:35.757Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
309	2023-11-16T16:44:35.757Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
310	2023-11-16T16:44:35.758Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
311	2023-11-16T16:44:35.758Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
312	2023-11-16T16:44:35.760Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
313	2023-11-16T16:44:35.763Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
314	2023-11-16T16:44:35.768Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
315	2023-11-16T16:44:35.769Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
316	2023-11-16T16:44:35.770Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
317	2023-11-16T16:44:35.770Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
318	2023-11-16T16:44:35.771Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
319	2023-11-16T16:44:35.772Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
320	2023-11-16T16:44:35.773Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
321	2023-11-16T16:44:35.773Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
322	2023-11-16T16:44:35.775Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
323	2023-11-16T16:44:35.778Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
324	2023-11-16T16:44:35.783Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
325	2023-11-16T16:44:35.783Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
326	2023-11-16T16:44:35.784Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
327	2023-11-16T16:44:35.784Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
328	2023-11-16T16:44:35.786Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
329	2023-11-16T16:44:35.786Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
330	2023-11-16T16:44:35.787Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
331	2023-11-16T16:44:35.787Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
332	2023-11-16T16:44:35.788Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
333	2023-11-16T16:44:35.791Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Vpc { parent: Project { parent: Silo { parent: Fleet, key: 001de000-5110-4000-8000-000000000001, lookup_type: ById(001de000-5110-4000-8000-000000000001) }, key: 001de000-4401-4000-8000-000000000000, lookup_type: ById(001de000-4401-4000-8000-000000000000) }, key: 001de000-074c-4000-8000-000000000000, lookup_type: ById(001de000-074c-4000-8000-000000000000) } result = Ok(())
334	2023-11-16T16:44:35.796Z	INFO	nexus (DataLoader): created built-in services vpc subnets file = nexus/db-queries/src/db/datastore/vpc.rs:262
335	2023-11-16T16:44:35.796Z	INFO	nexus (DataLoader): created built-in services vpc file = nexus/db-queries/src/db/datastore/vpc.rs:165
336	2023-11-16T16:44:35.796Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
337	2023-11-16T16:44:35.797Z	DEBG	nexus (DataLoader): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
338	2023-11-16T16:44:35.797Z	DEBG	nexus (DataLoader): attempting to create silo users
339	2023-11-16T16:44:35.797Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
340	2023-11-16T16:44:35.797Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
341	2023-11-16T16:44:35.805Z	INFO	nexus (DataLoader): created 2 silo users file = nexus/db-queries/src/db/datastore/silo_user.rs:419
342	2023-11-16T16:44:35.805Z	DEBG	nexus (DataLoader): attempting to create silo user role assignments
343	2023-11-16T16:44:35.805Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
344	2023-11-16T16:44:35.805Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
345	2023-11-16T16:44:35.809Z	INFO	nexus (DataLoader): created 2 silo user role assignments file = nexus/db-queries/src/db/datastore/silo_user.rs:444
346	2023-11-16T16:44:35.809Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
347	2023-11-16T16:44:35.809Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
348	2023-11-16T16:44:35.813Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
349	2023-11-16T16:44:35.813Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
350	2023-11-16T16:44:35.817Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
351	2023-11-16T16:44:35.818Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
352	2023-11-16T16:44:35.819Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
353	2023-11-16T16:44:35.820Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = IpPoolList result = Ok(())
354	2023-11-16T16:44:35.820Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
355	2023-11-16T16:44:35.820Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
356	2023-11-16T16:44:35.832Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
357	2023-11-16T16:44:35.832Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
358	2023-11-16T16:44:35.834Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
359	2023-11-16T16:44:35.835Z	DEBG	nexus (DataLoader): authorize result action = CreateChild actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = IpPoolList result = Ok(())
360	2023-11-16T16:44:35.835Z	DEBG	nexus (DataLoader): roles roles = RoleSet { roles: {} }
361	2023-11-16T16:44:35.835Z	DEBG	nexus (DataLoader): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000001, .. }) resource = Database result = Ok(())
362	2023-11-16T16:44:35.838Z	INFO	nexus: populate complete; activating background tasks file = nexus/src/app/mod.rs:448
363	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_propagation_internal dns_group = internal iteration = 2 reason = Signaled
364	2023-11-16T16:44:35.838Z	WARN	nexus (BackgroundTasks): DNS propagation: skipped background_task = dns_propagation_internal dns_group = internal file = nexus/src/app/background/dns_propagation.rs:65 reason = no config nor servers
365	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_propagation_internal dns_group = internal elapsed = 7.97\u{b5}s iteration = 2
366	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_servers_internal dns_group = internal iteration = 2 reason = Signaled
367	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_config_external dns_group = external iteration = 2 reason = Signaled
368	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): reading DNS version background_task = dns_config_external dns_group = external
369	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_internal dns_group = internal roles = RoleSet { roles: {} }
370	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_external dns_group = external roles = RoleSet { roles: {} }
371	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = external_endpoints iteration = 2 reason = Signaled
372	2023-11-16T16:44:35.838Z	DEBG	nexus (Bootstore): roles roles = RoleSet { roles: {} }
373	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {} }
374	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_propagation_external dns_group = external iteration = 2 reason = Signaled
375	2023-11-16T16:44:35.838Z	WARN	nexus (BackgroundTasks): DNS propagation: skipped background_task = dns_propagation_external dns_group = external file = nexus/src/app/background/dns_propagation.rs:65 reason = no config nor servers
376	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_propagation_external dns_group = external elapsed = 14.28\u{b5}s iteration = 2
377	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_config_internal dns_group = internal iteration = 2 reason = Signaled
378	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): reading DNS version background_task = dns_config_internal dns_group = internal
379	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_internal dns_group = internal roles = RoleSet { roles: {} }
380	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_servers_external dns_group = external iteration = 2 reason = Signaled
381	2023-11-16T16:44:35.838Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_external dns_group = external roles = RoleSet { roles: {} }
382	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_internal dns_group = internal resource = Database result = Ok(())
383	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_external dns_group = external resource = Database result = Ok(())
384	2023-11-16T16:44:35.839Z	DEBG	nexus (Bootstore): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) resource = Database result = Ok(())
385	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_external dns_group = external resource = Database result = Ok(())
386	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_internal dns_group = internal resource = Database result = Ok(())
387	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Database result = Ok(())
388	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): activating background_task = inventory_collection iteration = 2 reason = Signaled
389	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {} }
390	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Database result = Ok(())
391	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_internal dns_group = internal roles = RoleSet { roles: {} }
392	2023-11-16T16:44:35.839Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_internal dns_group = internal resource = Database result = Ok(())
393	2023-11-16T16:44:35.840Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_internal dns_group = internal roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
394	2023-11-16T16:44:35.840Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
395	2023-11-16T16:44:35.840Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_external dns_group = external roles = RoleSet { roles: {} }
396	2023-11-16T16:44:35.841Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
397	2023-11-16T16:44:35.841Z	DEBG	nexus (Bootstore): roles roles = RoleSet { roles: {} }
398	2023-11-16T16:44:35.841Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_external dns_group = external resource = Database result = Ok(())
399	2023-11-16T16:44:35.841Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_internal dns_group = internal roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
400	2023-11-16T16:44:35.841Z	DEBG	nexus (Bootstore): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) resource = Database result = Ok(())
401	2023-11-16T16:44:35.841Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_external dns_group = external roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
402	2023-11-16T16:44:35.842Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_config_external dns_group = external roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
403	2023-11-16T16:44:35.842Z	DEBG	nexus (Bootstore): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
404	2023-11-16T16:44:35.844Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_internal dns_group = internal resource = Fleet result = Ok(())
405	2023-11-16T16:44:35.844Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_internal dns_group = internal roles = RoleSet { roles: {} }
406	2023-11-16T16:44:35.844Z	DEBG	nexus (BackgroundTasks): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Inventory result = Ok(())
407	2023-11-16T16:44:35.844Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {} }
408	2023-11-16T16:44:35.844Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_internal dns_group = internal resource = Database result = Ok(())
409	2023-11-16T16:44:35.845Z	DEBG	nexus (BackgroundTasks): authorize result action = ListChildren actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Fleet result = Ok(())
410	2023-11-16T16:44:35.845Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {} }
411	2023-11-16T16:44:35.845Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Database result = Ok(())
412	2023-11-16T16:44:35.845Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Database result = Ok(())
413	2023-11-16T16:44:35.846Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_external dns_group = external resource = Fleet result = Ok(())
414	2023-11-16T16:44:35.847Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_internal dns_group = internal resource = DnsConfig result = Ok(())
415	2023-11-16T16:44:35.847Z	DEBG	nexus (BackgroundTasks): roles background_task = dns_servers_external dns_group = external roles = RoleSet { roles: {} }
416	2023-11-16T16:44:35.847Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_servers_external dns_group = external resource = Database result = Ok(())
417	2023-11-16T16:44:35.847Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {} }
418	2023-11-16T16:44:35.847Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Database result = Ok(())
419	2023-11-16T16:44:35.847Z	DEBG	nexus (Bootstore): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
420	2023-11-16T16:44:35.847Z	DEBG	nexus (Bootstore): roles roles = RoleSet { roles: {} }
421	2023-11-16T16:44:35.847Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = dns_config_external dns_group = external resource = DnsConfig result = Ok(())
422	2023-11-16T16:44:35.848Z	DEBG	nexus (Bootstore): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) resource = Database result = Ok(())
423	2023-11-16T16:44:35.848Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
424	2023-11-16T16:44:35.850Z	DEBG	nexus (Bootstore): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
425	2023-11-16T16:44:35.852Z	DEBG	nexus (BackgroundTasks): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = DnsConfig result = Ok(())
426	2023-11-16T16:44:35.852Z	DEBG	nexus (BackgroundTasks): roles background_task = external_endpoints roles = RoleSet { roles: {} }
427	2023-11-16T16:44:35.852Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = external_endpoints resource = Database result = Ok(())
428	2023-11-16T16:44:35.852Z	DEBG	nexus (Bootstore): authorize result action = ListChildren actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) resource = Fleet result = Ok(())
429	2023-11-16T16:44:35.852Z	DEBG	nexus (Bootstore): roles roles = RoleSet { roles: {} }
430	2023-11-16T16:44:35.852Z	DEBG	nexus (Bootstore): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) resource = Database result = Ok(())
431	2023-11-16T16:44:35.865Z	ERRO	nexus: failed to run bootstore sync: Internal Error: no sleds at time of bootstore sync file = nexus/src/app/mod.rs:459
432	2023-11-16T16:44:35.867Z	DEBG	nexus (BackgroundTasks): inventory_prune_one: nothing eligible for removal (too few) background_task = inventory_collection candidates = []
433	2023-11-16T16:44:35.869Z	DEBG	nexus (DnsResolver): lookup_all_socket_v6 srv dns_name = _mgs._tcp.control-plane.oxide.internal response = SrvLookup(Lookup { query: Query { name: Name("_mgs._tcp.control-plane.oxide.internal"), query_type: SRV, query_class: IN }, records: [Record { name_labels: Name("_mgs._tcp.control-plane.oxide.internal."), rr_type: SRV, dns_class: IN, ttl: 0, rdata: Some(SRV(SRV { priority: 0, weight: 0, port: 12225, target: Name("dendrite-b8831f08-3582-4024-b531-d56889de7232.host.control-plane.oxide.internal.") })) }, Record { name_labels: Name("dendrite-b8831f08-3582-4024-b531-d56889de7232.host.control-plane.oxide.internal."), rr_type: AAAA, dns_class: IN, ttl: 0, rdata: Some(AAAA(fd00:1122:3344:101::2)) }], valid_until: Instant { tv_sec: 7195, tv_nsec: 577686631 } })
434	2023-11-16T16:44:35.894Z	INFO	nexus (BackgroundTasks): found DNS servers (initial) addresses = DnsServersList { addresses: [] } background_task = dns_servers_external dns_group = external file = nexus/src/app/background/dns_servers.rs:147
435	2023-11-16T16:44:35.894Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_servers_external dns_group = external elapsed = 55.839989ms iteration = 2
436	2023-11-16T16:44:35.894Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_propagation_external dns_group = external iteration = 3 reason = Dependency
437	2023-11-16T16:44:35.894Z	WARN	nexus (BackgroundTasks): DNS propagation: skipped background_task = dns_propagation_external dns_group = external file = nexus/src/app/background/dns_propagation.rs:73 reason = no config
438	2023-11-16T16:44:35.894Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_propagation_external dns_group = external elapsed = 4.91\u{b5}s iteration = 3
439	2023-11-16T16:44:35.896Z	INFO	nexus (BackgroundTasks): found DNS servers (initial) addresses = DnsServersList { addresses: [] } background_task = dns_servers_internal dns_group = internal file = nexus/src/app/background/dns_servers.rs:147
440	2023-11-16T16:44:35.896Z	WARN	nexus (BackgroundTasks): failed to read DNS config background_task = dns_config_external dns_group = external error = Internal Error: expected exactly one latest version for DNS group External, found 0 file = nexus/src/app/background/dns_config.rs:76
441	2023-11-16T16:44:35.896Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_config_external dns_group = external elapsed = 57.957082ms iteration = 2
442	2023-11-16T16:44:35.896Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_servers_internal dns_group = internal elapsed = 57.959362ms iteration = 2
443	2023-11-16T16:44:35.896Z	DEBG	nexus (BackgroundTasks): activating background_task = dns_propagation_internal dns_group = internal iteration = 3 reason = Dependency
444	2023-11-16T16:44:35.896Z	WARN	nexus (BackgroundTasks): DNS propagation: skipped background_task = dns_propagation_internal dns_group = internal file = nexus/src/app/background/dns_propagation.rs:73 reason = no config
445	2023-11-16T16:44:35.896Z	WARN	nexus (BackgroundTasks): failed to read DNS config background_task = dns_config_internal dns_group = internal error = Internal Error: expected exactly one latest version for DNS group Internal, found 0 file = nexus/src/app/background/dns_config.rs:76
446	2023-11-16T16:44:35.896Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_propagation_internal dns_group = internal elapsed = 4.71\u{b5}s iteration = 3
447	2023-11-16T16:44:35.896Z	DEBG	nexus (BackgroundTasks): activation complete background_task = dns_config_internal dns_group = internal elapsed = 57.928622ms iteration = 2
448	2023-11-16T16:44:35.899Z	WARN	nexus (BackgroundTasks): failed to read Silo/DNS/TLS configuration background_task = external_endpoints error = Internal Error: expected at least one external DNS zone file = nexus/src/app/background/external_endpoints.rs:59
449	2023-11-16T16:44:35.899Z	DEBG	nexus (BackgroundTasks): activation complete background_task = external_endpoints elapsed = 60.158265ms iteration = 2
450	2023-11-16T16:44:35.905Z	DEBG	nexus (BackgroundTasks): begin collection background_task = inventory_collection
451	2023-11-16T16:44:35.905Z	DEBG	nexus (BackgroundTasks): begin collection from MGS background_task = inventory_collection mgs_url = http://[fd00:1122:3344:101::2]:12225
452	2023-11-16T16:44:35.905Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/ignition
453	2023-11-16T16:44:35.907Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/ignition", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "90d0dcb7-6a5d-41b7-b7a4-9237527c6616", "content-length": "476", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
454	2023-11-16T16:44:35.909Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0
455	2023-11-16T16:44:35.909Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "4821cd27-6cb1-418d-9d87-3b10c56d61f4", "content-length": "387", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
456	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/sp/caboose?firmware_slot=0
457	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/sp/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "f9b4e9fd-66f7-41bc-9b24-fcba2c1db0fb", "content-length": "86", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
458	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/sp/caboose?firmware_slot=1
459	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/sp/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "bf025327-2761-496e-a065-878c82eaad2f", "content-length": "86", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
460	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/caboose?firmware_slot=0
461	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "79c2a916-7016-4fa5-a74d-9eea96321bf4", "content-length": "87", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
462	2023-11-16T16:44:35.910Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/switch/0/component/rot/caboose?firmware_slot=1
463	2023-11-16T16:44:35.911Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/switch/0/component/rot/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "02b2b7ae-a44f-4a73-aa9d-0947e8bad7b4", "content-length": "87", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
464	2023-11-16T16:44:35.911Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0
465	2023-11-16T16:44:35.911Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0", query: None, fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "366a84f0-92fb-4417-8d65-4e2ad9d70209", "content-length": "385", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
466	2023-11-16T16:44:35.911Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/sp/caboose?firmware_slot=0
467	2023-11-16T16:44:35.912Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/sp/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "e441d5ec-c7aa-4f0b-aecb-4d33e6fc6b87", "content-length": "84", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
468	2023-11-16T16:44:35.912Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/sp/caboose?firmware_slot=1
469	2023-11-16T16:44:35.912Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/sp/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "7815f7ff-db4c-4ebd-ab52-ae60682e15e5", "content-length": "84", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
470	2023-11-16T16:44:35.912Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/caboose?firmware_slot=0
471	2023-11-16T16:44:35.912Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/caboose", query: Some("firmware_slot=0"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "6b793387-d038-4aaa-acbe-745ed205a361", "content-length": "85", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
472	2023-11-16T16:44:35.912Z	DEBG	nexus (BackgroundTasks): client request background_task = inventory_collection body = None gateway_url = http://[fd00:1122:3344:101::2]:12225 method = GET uri = http://[fd00:1122:3344:101::2]:12225/sp/sled/0/component/rot/caboose?firmware_slot=1
473	2023-11-16T16:44:35.913Z	DEBG	nexus (BackgroundTasks): client response background_task = inventory_collection gateway_url = http://[fd00:1122:3344:101::2]:12225 result = Ok(Response { url: Url { scheme: "http", cannot_be_a_base: false, username: "", password: None, host: Some(Ipv6(fd00:1122:3344:101::2)), port: Some(12225), path: "/sp/sled/0/component/rot/caboose", query: Some("firmware_slot=1"), fragment: None }, status: 200, headers: {"content-type": "application/json", "x-request-id": "6f59efd6-dcea-4050-a723-c4187d72589d", "content-length": "85", "date": "Thu, 16 Nov 2023 16:44:35 GMT"} })
474	2023-11-16T16:44:35.913Z	DEBG	nexus (BackgroundTasks): finished collection background_task = inventory_collection
475	2023-11-16T16:44:35.913Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {} }
476	2023-11-16T16:44:35.913Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Database result = Ok(())
477	2023-11-16T16:44:35.915Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
478	2023-11-16T16:44:35.916Z	DEBG	nexus (BackgroundTasks): authorize result action = Modify actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Inventory result = Ok(())
479	2023-11-16T16:44:35.917Z	DEBG	nexus (BackgroundTasks): roles background_task = inventory_collection roles = RoleSet { roles: {} }
480	2023-11-16T16:44:35.917Z	DEBG	nexus (BackgroundTasks): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-000000000002, .. }) background_task = inventory_collection resource = Database result = Ok(())
481	2023-11-16T16:44:36.039Z	INFO	nexus (BackgroundTasks): inserted inventory collection background_task = inventory_collection collection_id = d7bdb4b9-c7de-4e68-b301-09e75f1b2b87 file = nexus/db-queries/src/db/datastore/inventory.rs:486
482	2023-11-16T16:44:36.040Z	DEBG	nexus (BackgroundTasks): inventory collection complete background_task = inventory_collection collection_id = d7bdb4b9-c7de-4e68-b301-09e75f1b2b87 time_started = 2023-11-16 16:44:35.903361 UTC
483	2023-11-16T16:44:36.040Z	DEBG	nexus (BackgroundTasks): activation complete background_task = inventory_collection elapsed = 200.268285ms iteration = 2
484	2023-11-16T16:44:37.220Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
485	2023-11-16T16:44:37.220Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
486	2023-11-16T16:44:37.222Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
487	2023-11-16T16:44:37.222Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
488	2023-11-16T16:44:37.224Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
489	2023-11-16T16:44:37.226Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
490	2023-11-16T16:44:37.226Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
491	2023-11-16T16:44:39.233Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
492	2023-11-16T16:44:39.233Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
493	2023-11-16T16:44:39.235Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
494	2023-11-16T16:44:39.235Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
495	2023-11-16T16:44:39.237Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
496	2023-11-16T16:44:39.240Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
497	2023-11-16T16:44:39.240Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
498	2023-11-16T16:44:41.246Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
499	2023-11-16T16:44:41.247Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
500	2023-11-16T16:44:41.249Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
501	2023-11-16T16:44:41.249Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
502	2023-11-16T16:44:41.251Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
503	2023-11-16T16:44:41.253Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
504	2023-11-16T16:44:41.253Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
505	2023-11-16T16:44:43.260Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
506	2023-11-16T16:44:43.260Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
507	2023-11-16T16:44:43.264Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
508	2023-11-16T16:44:43.264Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
509	2023-11-16T16:44:43.266Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
510	2023-11-16T16:44:43.269Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
511	2023-11-16T16:44:43.269Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
512	2023-11-16T16:44:45.275Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
513	2023-11-16T16:44:45.276Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
514	2023-11-16T16:44:45.277Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
515	2023-11-16T16:44:45.278Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
516	2023-11-16T16:44:45.280Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
517	2023-11-16T16:44:45.282Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
518	2023-11-16T16:44:45.282Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
519	2023-11-16T16:44:47.289Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
520	2023-11-16T16:44:47.289Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
521	2023-11-16T16:44:47.291Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
522	2023-11-16T16:44:47.291Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
523	2023-11-16T16:44:47.293Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
524	2023-11-16T16:44:47.295Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
525	2023-11-16T16:44:47.295Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
526	2023-11-16T16:44:49.302Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
527	2023-11-16T16:44:49.302Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
528	2023-11-16T16:44:49.303Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
529	2023-11-16T16:44:49.303Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
530	2023-11-16T16:44:49.306Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
531	2023-11-16T16:44:49.309Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
532	2023-11-16T16:44:49.309Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
533	2023-11-16T16:44:51.315Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
534	2023-11-16T16:44:51.316Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
535	2023-11-16T16:44:51.317Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
536	2023-11-16T16:44:51.317Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
537	2023-11-16T16:44:51.318Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
538	2023-11-16T16:44:51.321Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
539	2023-11-16T16:44:51.321Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
540	2023-11-16T16:44:53.327Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
541	2023-11-16T16:44:53.328Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
542	2023-11-16T16:44:53.329Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
543	2023-11-16T16:44:53.329Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
544	2023-11-16T16:44:53.331Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
545	2023-11-16T16:44:53.333Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
546	2023-11-16T16:44:53.333Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
547	2023-11-16T16:44:55.340Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
548	2023-11-16T16:44:55.340Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
549	2023-11-16T16:44:55.342Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
550	2023-11-16T16:44:55.342Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
551	2023-11-16T16:44:55.343Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
552	2023-11-16T16:44:55.346Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
553	2023-11-16T16:44:55.346Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
554	2023-11-16T16:44:57.352Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
555	2023-11-16T16:44:57.352Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
556	2023-11-16T16:44:57.353Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
557	2023-11-16T16:44:57.354Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
558	2023-11-16T16:44:57.355Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
559	2023-11-16T16:44:57.357Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
560	2023-11-16T16:44:57.357Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
561	2023-11-16T16:44:59.359Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
562	2023-11-16T16:44:59.359Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
563	2023-11-16T16:44:59.360Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
564	2023-11-16T16:44:59.360Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
565	2023-11-16T16:44:59.362Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
566	2023-11-16T16:44:59.364Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
567	2023-11-16T16:44:59.364Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561
568	2023-11-16T16:45:01.365Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
569	2023-11-16T16:45:01.366Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
570	2023-11-16T16:45:01.367Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {} }
571	2023-11-16T16:45:01.368Z	DEBG	nexus (ServiceBalancer): authorize result action = Query actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Database result = Ok(())
572	2023-11-16T16:45:01.370Z	DEBG	nexus (ServiceBalancer): roles roles = RoleSet { roles: {(Fleet, 001de000-1334-4000-8000-000000000000, "admin")} }
573	2023-11-16T16:45:01.372Z	DEBG	nexus (ServiceBalancer): authorize result action = Read actor = Some(Actor::UserBuiltin { user_builtin_id: 001de000-05e4-4000-8000-00000000bac3, .. }) resource = Rack { parent: Fleet, key: 0b31008b-c9a5-401c-bb0b-8c7157b38140, lookup_type: ById(0b31008b-c9a5-401c-bb0b-8c7157b38140) } result = Ok(())
574	2023-11-16T16:45:01.372Z	INFO	nexus: Still waiting for rack initialization: Rack { identity: RackIdentity { id: 0b31008b-c9a5-401c-bb0b-8c7157b38140, time_created: 2023-11-16T16:44:35.813362Z, time_modified: 2023-11-16T16:44:35.813362Z }, initialized: false, tuf_base_url: None, rack_subnet: None } file = nexus/src/app/rack.rs:561