Built in 'User' Role in Shield Vs x-pack

Hi All,

I have just upgraded my Elastic Search to 5.6.1 as well as x-pack.

I am having hard time recreating the USER built in role available in shield into x-pack , for that i have defined the role in x-pack as

PUT /_xpack/security/role/user?pretty
{
"run_as": [ ],
"cluster": [ ],
"indices": [
{
"names": [ "*" ],
"privileges": [ "read" ]

}

]
}

But once i assign the role to any users they are facing an issue when they try to run
1.GET /_cat/indices?v
Error:
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
}
],
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
},
"status": 403
}

2.GET /Salesproviders?pretty
Error:
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
}
],
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
},
"status": 403
}

Can some one please throw some light on where i am going wrong

Thanks in Advance.
Jack

Hi,

You gave user read access to all indices, this means the user will be able to read the content of any indices and run this :
GET /indexname/_search

The error you get are expected if the user is assigned a role which only allow reading data from indices :
GET /indexname?pretty -> you would need the view_index_metadata privilege

GET _cat/indices?v -> you would need the monitor privilege

Hope this helps.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.