Built in 'User' Role in Shield Vs x-pack

jackhouston1 · September 29, 2017, 12:14am

Hi All,

I have just upgraded my Elastic Search to 5.6.1 as well as x-pack.

I am having hard time recreating the USER built in role available in shield into x-pack , for that i have defined the role in x-pack as

PUT /_xpack/security/role/user?pretty
{
"run_as": [ ],
"cluster": [ ],
"indices": [
{
"names": [ "*" ],
"privileges": [ "read" ]

]
}

But once i assign the role to any users they are facing an issue when they try to run
1.GET /_cat/indices?v
Error:
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
}
],
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
},
"status": 403
}

2.GET /Salesproviders?pretty
Error:
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
}
],
"type": "security_exception",
"reason": "action [indices:admin/get] is unauthorized for user [dbodauser]"
},
"status": 403
}

Can some one please throw some light on where i am going wrong

Thanks in Advance.
Jack

Julien · October 6, 2017, 9:58am

Hi,

You gave user read access to all indices, this means the user will be able to read the content of any indices and run this :
GET /indexname/_search

The error you get are expected if the user is assigned a role which only allow reading data from indices :
GET /indexname?pretty -> you would need the view_index_metadata privilege

GET _cat/indices?v -> you would need the monitor privilege

Hope this helps.

system · November 3, 2017, 9:59am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.