I just upgraded a test cluster and now I'm not able to login as a user which is in an ldap group for superusers.
I'm getting the error below
Error in Browser
{"message":"action [indices:data/read/search] is unauthorized for user [user123]: [security_exception] action [indices:data/read/search] is unauthorized for user [user123]","statusCode":403,"error":"Forbidden"}
I have added a superuser role_mapping in the Elastic API as well as in the /etc/elasticsearch/role_mapping.yml file
API
"superuser" : {
"enabled" : true,
"roles" : [
"superuser"
],
"rules" : {
"field" : {
"groups" : "CN=sdlc_elasticsearch_admin,OU=elk,OU=appgroups,OU=accessmgmnt,DC=something,DC=something,DC=com"
}
},
"metadata" : { }
}
}
Any Ideas how I may resolve this issue?