No permissions for user | Security Exception

I have to delay the shards assignment after a failure and running this command for that

PUT _all/_settings
  "settings": {
    "index.unassigned.node_left.delayed_timeout": "5m"

Getting the following error while running this

  "error" : {
    "root_cause" : [
        "type" : "security_exception",
        "reason" : "no permissions for [] and User [name=<my-email-address>, backend_roles=[admin], requestedTenant=null]"
    "type" : "security_exception",
    "reason" : "no permissions for [] and User [name=<my-email-address>, backend_roles=[admin], requestedTenant=null]"
  "status" : 403

After a bit of research, I found a similar thread

I tried to run the command from inside the Kibana EC2 instance along with certificates and got the following error

error reading X.509 key or certificate file: Error in parsing when sending certificate in Curl Request

This StackOverflow thread suggests to create new certificates

I have two questions

  1. Can I apply the node delay settings some other way?
  2. If not, should I create new certificates? Will it cause any issues in the existing setup?

OpenSearch/OpenDistro are AWS run products and differ from the original Elasticsearch and Kibana products that Elastic builds and maintains. You may need to contact them directly for further assistance.

(This is an automated response from your friendly Elastic bot. Please report this post if you have any suggestions or concerns :elasticheart: )

Are you using Elasticsearch or opensearch?

We are using self-managed Elasticsearch 7.8.0 hosted on AWS EC2 instances.

OK, please note that version is EOL and no longer supported so you should be looking to upgrade as a matter of urgency.

What user are you trying to authenticate as?

Yeah, we are planning an upgrade, and it might take some time.

On dev tools, I tried to run it as my own user with admin permissions assigned. On EC2 instances, I ran the curl command as the root user.

What user did you auth to Elasticsearch with though?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.