I am trying to use the default "readwrite" role,
I am performing a put-index-template operation, and get the error:
action [indices:admin/template/put] is unauthorized for user [readwrite]
As the message states, the action is a "index" action, not a "cluster" action.
However, the role definition grants "all" privileges on all indices
Changing "cluster: monitor" to "cluster:all" solves the problem.
This implies that there is a "cluster" level privilege that is required to perform the template-put operation.
My questions are:
- What is the cluster level privilege that is required here?
- Where can I find a list of privilege names and their description? (could not find this in the documentation)
- Where can I see Shield logs in elastic.cloud so that I can further debug such issues on my own?