I'm using the Node.js logger winston and winston-elasticsearch to send logs to Elastic Cloud (uses https://www.npmjs.com/package/@elastic/elasticsearch under the hood) and am using basic authentication (username & password).
I would like to create a new roll that only allows access to the functions required to add logs into Elasticsearch Cloud? Is there a built in role that is designed for this? I've tried adding the create &/or write permissions for the indexes but this doesn't work (when I add the superuserrole it all works as expected)
@VietCong I have looked at that page and have tried the create &/or write &/or create_doc permissions however these don't let the logs be created (as soon as I switch it to the superuser role it all works) - I would have thought one of these roles should have been sufficient?
You need to create a role with those permissions first, then assign the role to your user with role mapping. Then you should be able to do write to the index
I would take a look at this page for role creation example
@VietCong Yes I've created a role using the above permissions and assigned it to the correct user such as the below however we receive no logs for a role with these permissions. As soon as the user is granted the superuser role the logs are ingested again.
Are you writing from logstash? If so what error do you see from logstash? Also if you could share your role and role mapping results for this user, that would be great
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.