...
... [ERROR][savedobjects-service] [.kibana] Action failed with
'security_exception: [security_exception] Reason: action [indices:admin/create]
is unauthorized for user [kibanaserver] with roles [admin] on restricted indices
[.kibana_8.3.2_001], this action is granted by the index privileges
[create_index,manage,all]'. ...
...
... [ERROR][savedobjects-service] [.kibana_task_manager] Action failed with
'security_exception: [security_exception] Reason: action [indices:admin/create]
is unauthorized for user [kibanaserver] with roles [admin] on restricted indices
[.kibana_task_manager_8.3.2_001], this action is granted by the index privileges
[create_index,manage,all]'. ...
...
[Line breaks/spaces added here for readability.] users_roles contains:
...
admin:kibanaserver
...
roles.yml contains:
admin:
cluster:
- all
indices:
- names: '*'
privileges:
- all
...
The errors occurred again during one of the next (re-)starts and it persisted until we changed users_roles on all 9 nodes from:
admin:...,kibanaserver,...
to:
admin:...
kibana_system:kibanaserver
It remains a mystery to us why it worked when restarting Kibana a few times and suddenly it didn't persistently – with the admin role (and its settings in roles.yml) assigned to kibanaserver. Just a guess: Perhaps an issue of the order of restarting ES nodes and which master node was the previous current master?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.