I'm running Elastic 7.8.0 on the latest Debian 10. SSL and authentication is enabled. Everything has been working fine. I've been able to connect to the ES instance using all of the stack products and using the python elasticsearch python client. I created API keys to authenticate the application I am writing, and it has been working for all sorts of queries and updates except for the 'get' request. The details are as follows
When I use the elasticsearch-py library to run the following query es.get(index="filebeat-*", id=id)
I get the following exception: elasticsearch.exceptions.AuthorizationException: AuthorizationException(403, 'security_exception', 'action [indices:data/read/get] is unauthorized for user [elastic]')
In the above case I actually authenticated using the 'elastic' superuser just to see if I was doing anything wrong. I can't seem to figure it out.
EDIT : While debugging further I figured it was the wildcard after the index name that caused this. You can't get a document by the id across a number of indices. The exception was misleading. When I ran the same query in the 'Dev Tools' section of Kibana, the error was a bit more accurate - as such. { "error" : { "root_cause" : [ { "type" : "security_exception", "reason" : "action [indices:data/read/get] is unauthorized for user [elastic]" } ], "type" : "security_exception", "reason" : "action [indices:data/read/get] is unauthorized for user [elastic]", "caused_by" : { "type" : "illegal_state_exception", "reason" : "There are no external requests known to support wildcards that don't support replacing their indices" } }, "status" : 403 }
Thank you for the warm welcome.
Sure - it's solved. Could the error.root_cause.reason perhaps be amended in a future release so as to give a more accurate description (as opposed to the authorization related issue)?
Hi Warkolm,
I am having the similar issue, but i couldn't find solution in this topic,. Can you please point me to the solution for "There are no external requests known to support wildcards that don't support replacing their indices" } }, "status" : 403 }?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.