I would like to add a user when I launch the Ansible script. I took the official script from here: https://github.com/elastic/ansible-elasticsearch
I did this for the new user:
es_users:
  native:
    kibana:
      password: totototo
    logstash_system:
      password: totototo
    elastic:
      password: totototo
    logstash_internal:
      password: totototo
      roles:
        - logstash_writer
es_roles:
  native:
    logstash_writer:
      cluster:
        - manage_index_templates
        - monitor
      indices:
        - names: 'filebeat-*'
          privileges:
            - write
            - delete
            - create-index
The problem is that logstash_internal doesn't work, and if I manually create the same user with the same role in the Dev Tools, it works. What's wrong?
Hi @flochon!
Could you expand a bit more on what errors you are getting or what functionality isn't working exactly?
When I took your configuration and ran it locally I got this error:
kitchen@6dc520f8504e:~$ curl -s -u logstash_internal:totototo localhost:9200 | json_pp
{
   "status" : 400,
   "error" : {
      "type" : "illegal_argument_exception",
      "root_cause" : [
         {
            "reason" : "unknown index privilege [create-index]. a privilege must be either one of the predefined fixed indices privileges [all=[all],read=[read],create_index=[create_index],read_cross_cluster=[read_cross_cluster],index=[index],monitor=[monitor],none=[none],delete=[delete],manage=[manage],delete_index=[delete_index],view_index_metadata=[view_index_metadata],create=[create],write=[write]] or a pattern over one of the available index actions",
            "type" : "illegal_argument_exception"
         }
      ],
      "reason" : "unknown index privilege [create-index]. a privilege must be either one of the predefined fixed indices privileges [all=[all],read=[read],create_index=[create_index],read_cross_cluster=[read_cross_cluster],index=[index],monitor=[monitor],none=[none],delete=[delete],manage=[manage],delete_index=[delete_index],view_index_metadata=[view_index_metadata],create=[create],write=[write]] or a pattern over one of the available index actions"
   }
}
So it looks like you made a typo and need to rename create-index to create_index. You can find the full list of available permissions on the x-pack security privileges documentation page.
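A pre-deployment check for the typo described above, as an added example that is not part of the original posts or of the ansible-elasticsearch role: it walks an `es_roles` structure and flags index privileges that are not in the list from the error message. The function name `check_roles`, the inline dict standing in for the loaded YAML, and the handling of `indices:` action patterns are assumptions; the privilege list is the one this error message prints and may differ on other Elasticsearch versions.

```python
import difflib

# Predefined index privileges, copied from the illegal_argument_exception above.
INDEX_PRIVILEGES = {
    "all", "read", "create_index", "read_cross_cluster", "index", "monitor",
    "none", "delete", "manage", "delete_index", "view_index_metadata",
    "create", "write",
}

def check_roles(es_roles):
    """Return (role, index names, bad privilege, suggestion) per unknown privilege."""
    findings = []
    for role, spec in es_roles.get("native", {}).items():
        for entry in spec.get("indices", []):
            for priv in entry.get("privileges", []):
                # Assumption: names starting with "indices:" are action
                # patterns, which the error message says are also accepted.
                if priv in INDEX_PRIVILEGES or priv.startswith("indices:"):
                    continue
                # Try the dash/case normalisation first, then fuzzy matching.
                normalised = priv.lower().replace("-", "_")
                if normalised in INDEX_PRIVILEGES:
                    hint = normalised
                else:
                    close = difflib.get_close_matches(
                        priv, sorted(INDEX_PRIVILEGES), n=1)
                    hint = close[0] if close else None
                findings.append((role, entry.get("names"), priv, hint))
    return findings

# es_roles from the question, written as the dict a YAML loader would produce.
ES_ROLES = {
    "native": {
        "logstash_writer": {
            "cluster": ["manage_index_templates", "monitor"],
            "indices": [{
                "names": "filebeat-*",
                "privileges": ["write", "delete", "create-index"],
            }],
        }
    }
}

if __name__ == "__main__":
    for role, names, priv, hint in check_roles(ES_ROLES):
        print(f"role {role} ({names}): unknown index privilege [{priv}], "
              f"did you mean {hint}?")
```

Running the check before the playbook catches a role that would not grant the privileges the author intended.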
Yes, you're right. I made a stupid mistake.
Thank you very much.
Awesome! Glad you got it working.