How to connect local kibana with AWS elasticsearch, what should be the settings in kibana.yml file?

Rahul_Salunke · April 29, 2020, 4:06pm

I have an AWS Elasticsearch on my AWS account with Username and Password.
Note: It does have an username password for elastic, its open and I am able to connect it via python code.

I want to connect this with kibana 7.4 installed on my local machine, what should be setting for kibana.yml , pasting below what I tried in kibana.yml.

It gives error of xpack like below when run below command from terminal -

[warning][license][xpack] License information from the X-Pack plugin could not be obtained from Elasticsearch for the [data] cluster. Authentication Exception :: {"path":"/_xpack","statusCode":401,"response":"{\"Message\":\"Your request: '/_xpack' is not allowed.\"}"}

Can anyone please help with recommended setting to connect AWS ES with Local Kibana??

flash1293 · April 29, 2020, 8:25pm

It looks like you are using the default Kibana distribution. This won’t work because it requires the default distribution of Elasticsearch as well (because some features are partially implemented in Elasticsearch). AWS is running its own flavor of Elasticsearch which is not compatible.

You can try running the oss distribution of Kibana: https://www.elastic.co/downloads/past-releases#kibana-oss

But there is no guarantee this would work because of custom changes of AWS Elasticsearch (I’m not familiar with the specifics).

Side note: elastic.cloud.co can use AWS as cloud provider as well and runs the default distribution, so the setup you described would be possible.

Rahul_Salunke · April 30, 2020, 6:07am

Hi Joe,

Thank for your reply. I did configure OSS distribution of kibana-7.4.2 as it is compatible with AWS ES-7.4.2. We have Username/password authentication on AWS Elasticsearch. and same configured in kibana.yml file. but getting below error now:

log [06:04:43.818] [info][plugins-system] Setting up [2] plugins: [inspector,data]
log [06:04:43.827] [info][data][plugins] Setting up plugin
log [06:04:43.829] [info][plugins-system] Starting [1] plugins: [data]
log [06:04:46.280] [info][status][plugin:apm_oss@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.699] [info][status][plugin:kibana@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.703] [info][status][plugin:elasticsearch@7.4.2] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [06:04:46.708] [info][status][plugin:console@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.710] [info][status][plugin:data@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.716] [info][status][plugin:interpreter@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.723] [info][status][plugin:kibana_react@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.724] [info][status][plugin:visualizations@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.727] [info][status][plugin:metrics@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.733] [info][status][plugin:region_map@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.738] [info][status][plugin:tile_map@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.809] [info][status][plugin:timelion@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.811] [info][status][plugin:ui_metric@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.813] [info][status][plugin:markdown_vis@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.814] [info][status][plugin:metric_vis@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.816] [info][status][plugin:table_vis@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.817] [info][status][plugin:tagcloud@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.818] [info][status][plugin:vega@7.4.2] Status changed from uninitialized to green - Ready
log [06:04:46.872] [info][status][plugin:elasticsearch@7.4.2] Status changed from yellow to green - Ready
log [06:04:46.886] [fatal][root] { Error: [security_exception] no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]
at respond (/opt/kibana-7.4.2-linux-x86_64/node_modules/elasticsearch/src/lib/transport.js:349:15)
at checkRespForFailure (/opt/kibana-7.4.2-linux-x86_64/node_modules/elasticsearch/src/lib/transport.js:306:7)
at HttpConnector. (/opt/kibana-7.4.2-linux-x86_64/node_modules/elasticsearch/src/lib/connectors/http.js:173:7)
at IncomingMessage.wrapper (/opt/kibana-7.4.2-linux-x86_64/node_modules/elasticsearch/node_modules/lodash/lodash.js:4929:19)
at IncomingMessage.emit (events.js:194:15)
at endReadableNT (_stream_readable.js:1103:12)
at process._tickCallback (internal/process/next_tick.js:63:19)
status: 403,
displayName: 'AuthorizationException',
message:
'[security_exception] no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]',
path: '/.kibana',
query: {},
body:
{ error:
{ root_cause: [Array],
type: 'security_exception',
reason:
'no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]' },
status: 403 },
statusCode: 403,
response:
'{"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]"},"status":403}',
toString: [Function],
toJSON: [Function] }
log [06:04:46.890] [info][plugins-system] Stopping all plugins.
log [06:04:46.890] [info][data][plugins] Stopping plugin

FATAL [security_exception] no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null] :: {"path":"/.kibana","query":{},"statusCode":403,"response":"{"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:admin/get] and User [name=transport_admin, backend_roles=, requestedTenant=null]"},"status":403}"}

Please help me with above error.

Thanks,

flash1293 · April 30, 2020, 7:42am

As this question is related to the specifics of AWS Elasticsearch I suggest asking this question in the AWS forum.

system · May 28, 2020, 7:42am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.