On elasticsearch + xpack 5.0.0 I'm getting a 403 when attempting to access index stats via _cat/indices when logged in as an admin user. I've repro'd through curl (curl --user elastic:<password> http://localhost:9200/_cat/indices/) as well as through the browser. Response returned is:
{ "error": { "root_cause": [ { "type": "security_exception", "reason": "action [indices:monitor/stats] is unauthorized for user [elastic]" } ], "type": "security_exception", "reason": "action [indices:monitor/stats] is unauthorized for user [elastic]" }, "status": 403 }
But I am able to gather stats for a specific index pattern e.g.: _cat/indices/packetbeat*. That returns:
yellow open packetbeat-2016.04.19 5 1 41863 0 19.9mb 19.9mb yellow open packetbeat-2016.04.14 5 1 8413 0 3.6mb 3.6mb yellow open packetbeat-2016.04.13 5 1 84243 0 30.5mb 30.5mb
User elastic is configured as admin role in ...config/x-pack/users_roles as follows:
admin:elastic
admin role is defined in roles.yml as follows:
``# All cluster rights
admin:
cluster:
- all
indices:
- names: '*'
privileges:
- all``
Is this a known issue?
Note: In a cluster I have in Elastic Cloud running ES 2.3.1 the same _cat/indices query returns the expected data when logged in as an admin user