Kibana version: 8.4.2
Elasticsearch version: 8.4.2
APM Server version: 8.4.2
APM Agent language and version: Java Agent, Version 1.33.0
Browser version: Microsoft Edge, Version 106.0.1370.47
Fresh install or upgraded from other version? Fresh install
Description of the problem including expected versus actual behavior. Please include screenshots (if relevant):
I want to allow users to log in after being authenticated to AAD. For this, I created an Enterprise Application in AAD and configured SAML with my Elastic Cloud deployment.
Then I created role mappings for "superuser", "editor" and "reader". The same value has been assigned to the App Role in the Enterprise Application of Azure Active Directory (AAD). The users added to the Enterprise Application are able to log in to the Kibana dashboard using AAD.
However, when the user with a role mapped as "superuser", "editor" and "reader" tries to access the APM, Dashboard and Discover tabs, they get the error message below:
Error fetching fields for data view -elastic-cloud-logs-,.alerts-security.alerts-default,apm--transaction,auditbeat-,endgame-,filebeat-,logs-,packetbeat-,traces-apm,winlogbeat-* (ID: security-solution-default)
[object Object]: security_exception: [security_exception] Reason: action [indices:data/read/field_caps] is unauthorized for user [Gaurav.Kumar1@landmarkgroup.com] with roles [reader,kibana_admin], this action is granted by the index privileges [view_index_metadata,manage,read,all]
The logged-in user has been added to the App Role "superuser". Ideally this user should have all the permissions to administrate. The same is happening for users in App Roles "editor" and "viewer".
Also, please note that we want to avoid giving "kibana_admin" permission to users who are "editor" and "viewer".
Errors in browser console (if relevant):
Error fetching fields for data view -elastic-cloud-logs-,.alerts-security.alerts-default,apm--transaction,auditbeat-,endgame-,filebeat-,logs-,packetbeat-,traces-apm,winlogbeat-* (ID: security-solution-default)
[object Object]: security_exception: [security_exception] Reason: action [indices:data/read/field_caps] is unauthorized for user [Gaurav.Kumar1@landmarkgroup.com] with roles [reader,kibana_admin], this action is granted by the index privileges [view_index_metadata,manage,read,all]
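
Added example (not part of the original post and not Elastic's code): a Python check that parses a security_exception of the shape quoted above and reports which of the roles named in the message carry one of the index privileges it lists for a given index. The user name, role bodies and index name are constructed sample data, and the helper names are hypothetical.

```python
import re
from fnmatch import fnmatchcase

# Shape of the security_exception text quoted in the post.
DENIAL_RE = re.compile(
    r"action \[(?P<action>[^\]]+)\] is unauthorized for user \[(?P<user>[^\]]+)\] "
    r"with roles \[(?P<roles>[^\]]*)\], this action is granted by the "
    r"index privileges \[(?P<privs>[^\]]*)\]"
)

# Constructed sample: same wording as the error above, placeholder user.
SAMPLE = ("security_exception: [security_exception] Reason: action "
          "[indices:data/read/field_caps] is unauthorized for user [user@example.com] "
          "with roles [reader,kibana_admin], this action is granted by the index "
          "privileges [view_index_metadata,manage,read,all]")

# Constructed role bodies (assumption), using the "indices" layout of an
# Elasticsearch role definition: a list of {"names": [...], "privileges": [...]}.
ROLES_BEFORE = {"reader": {"indices": []}, "kibana_admin": {"indices": []}}
ROLES_AFTER = {
    "reader": {"indices": [{"names": ["filebeat-*", "logs-*"],
                            "privileges": ["read", "view_index_metadata"]}]},
    "kibana_admin": {"indices": []},
}

def _split(csv):
    return [item.strip() for item in csv.split(",") if item.strip()]

def parse_denial(message):
    """Extract action, user, session roles and granting privileges, or None."""
    m = DENIAL_RE.search(message)
    if m is None:
        return None
    return {"action": m["action"], "user": m["user"],
            "roles": _split(m["roles"]), "granted_by": _split(m["privs"])}

def granting_roles(denial, role_defs, index_name):
    """Session roles whose index privileges would allow the denied action."""
    # Simplification: index name patterns are compared with fnmatch wildcards only.
    wanted = set(denial["granted_by"])
    hits = []
    for role in denial["roles"]:
        for entry in role_defs.get(role, {}).get("indices", []):
            if (wanted & set(entry["privileges"])
                    and any(fnmatchcase(index_name, p) for p in entry["names"])):
                hits.append(role)
                break
    return hits
```

An empty result from `granting_roles` means none of the roles the session resolved to grants the denied action on that index, which is the condition the exception reports.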