Action unauthorized for user

Samir_Said · November 11, 2020, 1:15pm

I have created a user using:
Stack Management / Users
and added roles: kibana_admin, kibana_system
however, the user got error when tried to run queury:

{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "action [indices:data/read/search] is unauthorized for user [ekhlass]"
      }
    ],
    "type" : "security_exception",
    "reason" : "action [indices:data/read/search] is unauthorized for user [ekhlass]"
  },
  "status" : 403
}

Kindly advice.

aaron-nimocks · November 11, 2020, 1:23pm

@Samir_Said Welcome!

You need to create a role that gives that user access to that functionality. Then assign that new role to the user.

Kibana Admin - Has no read/write/search on any index privileges.
Kibana System - Has access to system indexes but if you see below it doesn't give read/write/search to *.

The role you probably want is below. But you can restrict access to certain indicies and privileges.

Samir_Said · November 11, 2020, 1:50pm

Thank you for help, I have fixed the issue.

Topic		Replies	Views
Kibana read-only role (7.9.0) Kibana	3	731	September 25, 2020
Indices:data/read/search exception Elasticsearch elastic-stack-security	2	2626	July 6, 2017
User in Kibana get 403 Elasticsearch elastic-stack-security	4	1890	August 27, 2019
Created user role for privileges on Index but user despite login to Kibana unable to access Index Kibana	7	2966	August 27, 2018
Action [indices:data/read/search[phase/query]] is unauthorized for user [kibana4_server] Elasticsearch elastic-stack-security	3	4688	July 6, 2017

Action unauthorized for user

Related topics