Hi Experts,
I am facing an issue while trying to assign a role to a specific user.
I am using Windows AD for authenticating the users.
This is my roles.yml file:
claims_read:
  indices:
    'claims':
      privileges: read
    '.kibana43':
      - indices:admin/exists
      - indices:admin/mappings/fields/get
      - indices:admin/refresh
      - indices:admin/validate/query
      - indices:data/read/get
      - indices:data/read/mget
      - indices:data/read/search
claims_read1:
  cluster:
    - cluster:monitor/nodes/info
    - cluster:monitor/health
  indices:
    'blaa':
      privileges:
        - indices:admin/mappings/fields/get
        - indices:admin/validate/query
        - indices:admin/get
        - read
admin:
  cluster:
    - all
  indices:
    - names: '*'
      privileges:
        - all
If I assign a user the admin role, everything works fine, but when I assign the claims_read1 role to a user I get the following error in Kibana:
Error: unhandled courier request error: [security_exception] action [indices:data/read/mget] is unauthorized for user [sxbhas]
at handleError (https://wlielastict01.asia.intl.cigna.com:5601/bundles/kibana.bundle.js?v=9693:78866:23)
at DocRequest.AbstractReqProvider.AbstractReq.handleFailure (https://wlielastict01.asia.intl.cigna.com:5601/bundles/kibana.bundle.js?v=9693:78786:15)
at https://wlielastict01.asia.intl.cigna.com:5601/bundles/kibana.bundle.js?v=9693:78680:18
at Array.forEach (native)
at https://wlielastict01.asia.intl.cigna.com:5601/bundles/kibana.bundle.js?v=9693:78678:19
at processQueue (https://wlielastict01.asia.intl.cigna.com:5601/bundles/commons.bundle.js?v=9693:42357:29)
at https://wlielastict01.asia.intl.cigna.com:5601/bundles/commons.bundle.js?v=9693:42373:28
at Scope.$eval (https://wlielastict01.asia.intl.cigna.com:5601/bundles/commons.bundle.js?v=9693:43601:29)
at Scope.$digest (https://wlielastict01.asia.intl.cigna.com:5601/bundles/commons.bundle.js?v=9693:43412:32)
at Scope.$apply (https://wlielastict01.asia.intl.cigna.com:5601/bundles/commons.bundle.js?v=9693:43709:25)
I double-checked the log to see if there is anything wrong in the role update, but I could not find anything:
Aug 11 16:27:23 wlielastict01 elasticsearch: [2016-08-11 16:27:23,269][INFO ][gateway ] [cignanz-elk-test-wlielastict01] recovered [133] indices into cluster_state
Aug 11 16:27:40 wlielastict01 elasticsearch: [2016-08-11 16:27:40,197][INFO ][cluster.routing.allocation] [cignanz-elk-test-wlielastict01] Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[winlogbeat-2016.02.27][1], [winlogbeat-2016.02.27][1]] ...]).
Any help would be great.
Thanks!!
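An added example, not part of the original post: a small offline check that evaluates the roles from the roles.yml above against sample requests and lists what each role leaves unauthorized. The privilege expansion in `NAMED`, the `REQUESTS` list and the choice of `.kibana43` as the index behind the failing mget are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Roles transcribed from the roles.yml in the post, flattened to
# {role: {index pattern: [privileges]}}; cluster privileges are left out.
KIBANA_PRIVS = [
    "indices:admin/exists", "indices:admin/mappings/fields/get",
    "indices:admin/refresh", "indices:admin/validate/query",
    "indices:data/read/get", "indices:data/read/mget",
    "indices:data/read/search",
]
ROLES = {
    "claims_read": {"claims": ["read"], ".kibana43": KIBANA_PRIVS},
    "claims_read1": {"blaa": ["indices:admin/mappings/fields/get",
                              "indices:admin/validate/query",
                              "indices:admin/get", "read"]},
    "admin": {"*": ["all"]},
}

# ASSUMPTION: simplified expansion of the two named privileges used above.
NAMED = {"all": ["indices:*"], "read": ["indices:data/read/*"]}

# ASSUMPTION: constructed requests; the post does not say which index the
# failing mget targeted, so Kibana's own index is taken to be '.kibana43'.
REQUESTS = [
    (".kibana43", "indices:data/read/mget"),
    ("blaa", "indices:data/read/search"),
]

def grants(role, index, action):
    """True if any index entry of the role covers both index and action."""
    for pattern, privs in ROLES[role].items():
        if not fnmatchcase(index, pattern):
            continue
        for priv in privs:
            if any(fnmatchcase(action, a) for a in NAMED.get(priv, [priv])):
                return True
    return False

def denied(role, requests=REQUESTS):
    """Return the (index, action) pairs the role does not authorize."""
    return [(i, a) for i, a in requests if not grants(role, i, a)]

if __name__ == "__main__":
    for role in ROLES:
        print(role, "denied:", denied(role))
```

Under these assumptions only claims_read1 reports a denied request, the mget against `.kibana43`, because that role has no index entry matching the Kibana index.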