Action unauthorized for user

Samir_Said · November 11, 2020, 1:15pm

I have created a user using:
Stack Management / Users
and added roles: kibana_admin, kibana_system
however, the user got error when tried to run queury:

{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "action [indices:data/read/search] is unauthorized for user [ekhlass]"
      }
    ],
    "type" : "security_exception",
    "reason" : "action [indices:data/read/search] is unauthorized for user [ekhlass]"
  },
  "status" : 403
}

Kindly advice.

aaron-nimocks · November 11, 2020, 1:23pm

@Samir_Said Welcome!

You need to create a role that gives that user access to that functionality. Then assign that new role to the user.

Kibana Admin - Has no read/write/search on any index privileges.
Kibana System - Has access to system indexes but if you see below it doesn't give read/write/search to *.

The role you probably want is below. But you can restrict access to certain indicies and privileges.

Samir_Said · November 11, 2020, 1:50pm

Thank you for help, I have fixed the issue.

system · December 9, 2020, 1:50pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.