Permissions error for creating a Enrich (.enrich-*) index after following docs

Madhav_Sharma · September 8, 2022, 6:00pm

I tied using the dev_tools console to create a .enrich-* index and i got:

"action [indices:admin/create] is unauthorized for user [foo@bar.com] with roles [superuser] on restricted indices [.enrich-foobar], this action is granted by the index privileges [create_index,manage,all]"

I created a role new role called custom-enrich (picture attached) and a new user metadata-setup-user

And after doing this, I still get the error:

elasticsearch.AuthorizationException: AuthorizationException(403, 'security_exception', 'action [indices:admin/create] is unauthorized for user [metadata-setup-user] with roles [custom-enrich,enrich_user] on restricted indices [.enrich-ec2-metadata], this action is granted by the index privileges [create_index,manage,all]')

Madhav_Sharma · September 8, 2022, 6:19pm

this is the output for the GET /_security/user/_privileges for the new user with the new role I have created.

{'cluster': ['all', 'manage', 'manage_enrich', 'manage_ingest_pipelines', 'monitor'], 'global': [], 'indices': [{'names': ['.enrich-*'], 'privileges': ['manage', 'read', 'write'], 'allow_restricted_indices': False}, {'names': ['.enrich*'], 'privileges': ['all', 'create_index', 'manage'], 'allow_restricted_indices': False}], 'applications': [], 'run_as': ['metadata-setup-user']}

stephenb · September 8, 2022, 6:47pm

'allow_restricted_indices': False

Perhaps that's your issue

'allow_restricted_indices': true

system · October 6, 2022, 6:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.