Hello,
I have a problem with permissions access for elastic deployment with dedicated user. When I use superuser role for sample_user, deployment works properly. The issue is begin with create new role. I wanted permission reduction but when I am creating new role with maximum setting it returns me this error -
fatal: [host-g]: FAILED! => changed=true cmd: docker run -v /srv/docker/volumes/metricbeat/metricbeat-setup.yml:/usr/share/metricbeat/metricbeat.yml --rm --network host 10.X.X.X:443/sdwan/metricbeat:b01faf49dfa8 setup delta: '0:00:02.033285' end: '2018-12-17 14:27:03.325520' invocation: module_args: _raw_params: docker run -v /srv/docker/volumes/metricbeat/metricbeat-setup.yml:/usr/share/metricbeat/metricbeat.yml --rm --network host 10.X.X.X:443/sdwan/metricbeat:b01faf49dfa8 setup _uses_shell: true argv: null chdir: null creates: null executable: null removes: null stdin: null warn: true msg: non-zero return code rc: 1 start: '2018-12-17 14:27:01.292235' stderr: |- Exiting: Error importing Kibana dashboards: fail to import the dashboards in Kibana: Error importing directory /usr/share/metricbeat/kibana: Failed to import index-pattern: Failed to load directory /usr/share/metricbeat/kibana/6/index-pattern: error loading /usr/share/metricbeat/kibana/6/index-pattern/metricbeat.json: action [indices:data/write/bulk[s]] is unauthorized for user [aiops]. Response: {"objects":[{"id":"metricbeat-*","type":"index-pattern","error":{"message":"action [indices:data/write/bulk[s]] is unauthorized for user [aiops]"}}]} stderr_lines: - 'Exiting: Error importing Kibana dashboards: fail to import the dashboards in Kibana: Error importing directory /usr/share/metricbeat/kibana: Failed to import index-pattern: Failed to load directory /usr/share/metricbeat/kibana/6/index-pattern:' - ' error loading /usr/share/metricbeat/kibana/6/index-pattern/metricbeat.json: action [indices:data/write/bulk[s]] is unauthorized for user [aiops]. Response: {"objects":[{"id":"metricbeat-*","type":"index-pattern","error":{"message":"action [indices:data/write/bulk[s]] is unauthorized for user [aiops]"}}]}' stdout: |- Loaded index template Loading dashboards (Kibana must be running and reachable) stdout_lines: <omitted>
If I see it correctly, I chose all available indicies.
and this is how the superuser role looks like
Where else can I make a mistake?
Regards,
Dawid