Indices:admin/template/put is a "cluster" action?

amiryesh · November 27, 2016, 10:16am

Hello,

I am trying to use the default "readwrite" role,
I am performing a put-index-template operation, and get the error:

action [indices:admin/template/put] is unauthorized for user [readwrite]

As the message states, the action is a "index" action, not a "cluster" action.

However, the role definition grants "all" privileges on all indices

readwrite:
cluster: monitor
indices:
'*': all

Changing "cluster: monitor" to "cluster:all" solves the problem.
This implies that there is a "cluster" level privilege that is required to perform the template-put operation.

My questions are:

What is the cluster level privilege that is required here?
Where can I find a list of privilege names and their description? (could not find this in the documentation)
Where can I see Shield logs in elastic.cloud so that I can further debug such issues on my own?

Thanks
/amiry

jaymode · December 5, 2016, 7:49pm

The cluster manage_index_templates permission is required. This is required because index templates can be applied globally, so changing them requires cluster management permissions.

Take a look at Shield Privileges | Shield [2.4] | Elastic

I suggest you ask this question in the #cloud section.

system · January 2, 2017, 7:50pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.