I have a similar situation here. On startup Kibana says
FATAL Error: [config validation of [elasticsearch].username]: value of "elastic" is forbidden. This is a superuser account that cannot write to system indices that Kibana needs to function. Use a service account token instead. Learn more: https://www.elastic.co/guide/en/elasticsearch/reference/8.0/service-accounts.html
Strangely however, this value is not defined in kibana.yml:
$ grep username config/kibana.yml
# the username and password that the Kibana server uses to perform maintenance on the Kibana
#elasticsearch.username: ${elasticsearch.username}
Instead I'm using a service token:
#elasticsearch.username: ${elasticsearch.username}
#elasticsearch.password: ${elasticsearch.password}
elasticsearch.serviceAccountToken: "edited"
After creating the token I got this result
{
"created" : true,
"token" : {
"name" : "token_E1iT534Bm30JRve8bsYA",
"value" : "edited"
}
}
I ran a test request
curl -H "Authorization: Bearer edited" https://hostname -f:9200/_security/_authenticate?pretty
and got
{
"username" : "elastic/kibana",
"roles" : [ ],
"full_name" : "Service account - elastic/kibana",
"email" : null,
"token" : {
"name" : "token_E1iT534Bm30JRve8bsYA",
"type" : "_service_account_index"
},
"metadata" : {
"_elastic_service_account" : true
},
"enabled" : true,
"authentication_realm" : {
"name" : "_service_account",
"type" : "_service_account"
},
"lookup_realm" : {
"name" : "_service_account",
"type" : "_service_account"
},
"authentication_type" : "token"
}