How do you define a role for x-pack security in tribe node?

As the document suggests, I am setting roles which are same as other clusters.

When using tribe nodes with secured clusters, all clusters must have X-Pack security enabled and share the same security configuration (users, roles, user-role mappings, SSL/TLS CA). The tribe node itself also must be configured to grant access to actions and indices on all of the connected clusters, as security checks on incoming requests are primarily done on the tribe node itself.

However, Role Management API returns an error.

curl -u elastic:changeme  -XPUT localhost:9200/_xpack/security/role/read_only -d '{
{
  "indices" : [{
    "names" : [ "*-dc1-*", "*-dc2-*", "*-dcyk-*"],
    "privileges" : [ "read", "view_index_metadata"]
  }]
}'

{"error" : [ "root_cause" : [["type" : "unsupported_operation_exception", "reason" : "roles may not be created or modified using a tribe node"....

I believe this is returned tribe node does not have cluster level operation . Do you need to set with files instead for tribe node?

yes, roles.yml works very well. Note: we use the file based roles on all clusters as well.

@jetnet

Okay. Thanks for sharing. I am glad to hear that there are people using tribe node out there!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.