I assume you have security enabled in ES and Kibana? Otherwise I would expect that you shouldn't see an "Authentication Error" at all.
The reason the index wasn't created was because the alert didn't actually run, or at least run to completion - there's a chance it got all the way to executing the actions, but I'd guess it failed before it even completed whatever the alert was querying on.
In other words, the problem is with the alert, and not the actions.
I'm not used to seeing Authentication errors here, as usually by the time you've created an alert, you've passed through tons of authn/authz, so I'm not quite sure how this happened.
With security on, we create API keys based on the user who last updated the alert, and use that API key as the authentication when the alert runs (and presumably queries an index) and when actions run (eg, the index action writing a document to an index).
You could try updating that API key by disabling the alert, then enabling it - we build a new API key based on the user that enables the alert as well. So give that a try.
I'm also wondering what sort of security you are using to access Kibana / elasticsearch. saml? pki? basic?
Also wondering if there's anything else "security-ish" in your Kibana logs, or ES logs.