Problem with indexed groovy script, bulk API, and shield


I've chosen to enable all indexed scripts for my cluster and am able to put groovy scripts into .scripts with my admin user. (I should mention I setup shield with the default config.)

However, when using the readwrite user, I get the following error when trying to use the script in doing a update operation with the bulk API:

{'update': {'error': {'type': 'illegal_argument_exception', 'reason': 'failed to execute script', 'caused_by': {'type': 'security_exception', 'reason': 'action [indices:data/read/get] is unauthorized for user [__es_system_user]'}}, '_id': '4d18aa36-126e-42f9-a397-7abae036e3e5', 'status': 400, '_type': 'subscriber', '_index': 'primary'}}

I am using version 2.3.3 and the first 6 characters of my cluster id are 4523f3.

1 Like

Hi @founderbits, this seems to be an excellent question for the "X-Pack" category. I've moved the post for you.


Thanks for reporting @founderbits. I am moving this to the Shield discussion category and will take a look into reproducing the issue.

I tracked down the problem and opened a PR to fix the issue in elasticsearch

1 Like

Hi @jaymode, I've come across this same error on my 2.3.3 cluster, is there an ETA for when 2.3.4 will be available on ES Cloud? Thx!

We do not give dates for our releases since there are many unknowns, but the release should be available on cloud immediately once released.