New user created with API has admin role not recognized

ismael_mv · September 13, 2024, 4:46pm

Hi, I'm trying to create a user for Kibana (elastic is reserved so I can't use it).

I had executed these API call to do so, but admin role seems not beeing recognized. Do you have any clue ?
(user and password are temporary, i'm trying to get this working, all my stack is on version 8.15.1)

$ curl -s -X POST -u "elastic:myelasticpassword" -H "Content-Type: application/json" http://localhost:9200/_security/user/kibana_app -d '{"username":"kibana_app","password":"mykibanapassword","roles" : [admin]}'
{"created":true}%

$ curl -s -X GET -u "elastic:myelasticpassword" -H "Content-Type: application/json" http://localhost:9200/_security/user/kibana_app
{"kibana_app":{"username":"kibana_app","roles":["admin"],"full_name":null,"email":null,"metadata":{},"enabled":true}}%


$ curl -u kibana_app:mykibanapassword http://localhost:9200/_cluster/health
{"error":{"root_cause":[{"type":"security_exception","reason":"action [cluster:monitor/health] is unauthorized for user [kibana_app] with effective roles [] (assigned roles [admin] were not found), this action is granted by the cluster privileges [monitor,manage,all]"}],"type":"security_exception","reason":"action [cluster:monitor/health] is unauthorized for user [kibana_app] with effective roles [] (assigned roles [admin] were not found), this action is granted by the cluster privileges [monitor,manage,all]"},"status":403}%

TimV · September 16, 2024, 4:04am

It doesn't look like you have an admin role. Were you expecting one? Elasticsearch doesn't ship with one.

ismael_mv · September 16, 2024, 7:09am

Hi TimV, I have had the user with admin role like exposed in the documentation. Here my JSON body of the first call :

{
  "username":"kibana_app",
  "password":"mykibanapassword",
  "roles" : ["admin"]
}

The second call prove me that the user is created with the correct role.

The third one using this new created user is indicating that he can't find any role for him.

ismael_mv · September 16, 2024, 7:16am

Oh I may have understand, Elasticsearch has no role named "admin", is that it ?

What are the default roles if there is no one named 'admin' ?

ismael_mv · September 16, 2024, 9:44am

Thank you for your indication, I have had misunderstood at which level role was missing.

leandrojmp · September 16, 2024, 12:50pm

The equivalent to admin would be the superuser role, this role has full access to everything in Elastic, so be careful in using it.

ismael_mv · September 16, 2024, 1:16pm

Thank you Leandro, I will use this one carefully and learn how to create a new one.

Topic		Replies	Views
Kibana Create Role API returns 404 Kibana elastic-stack-security	4	457	October 24, 2022
I have create a new user but couldn't set a privilege or role to it Elasticsearch	11	5584	June 16, 2017
Security_exception: action [indices:admin/create] is unauthorized for user [elasticsearch] with effective roles [superuser] on restricted indices [.kibana_analytics_8.13.4_001], this action is granted by the index privileges [create_index,manage,all]' Kibana	2	195	August 1, 2024
Cannot change kibana user roles also cannot create new user Kibana	5	1288	September 15, 2017
Unable to setup authentication using x-pack Elasticsearch	6	5626	May 16, 2017

New user created with API has admin role not recognized

Related Topics