Security_exception: action [indices:admin/rollover] is unauthorized for user [<user_name>]

What am I missing in this deployment that's throwing this error? The deployment is 7.7.0 and the user and role information is below.

security_exception: action [indices:admin/rollover] is unauthorized for user [<user_name>]

User info:

{
  "data_internal" : {
    "username" : "my_role",
    "roles" : [
      "beats_system",
      "beats_admin",
      "data_writer",
      "kibana_admin"
    ],
    "full_name" : "Primary data connection",
    "email" : "",
    "metadata" : { },
    "enabled" : true
  }
}

Role info:

{
  "my_role" : {
    "cluster" : [
      "monitor",
      "manage_ilm",
      "manage_index_templates"
    ],
    "indices" : [
      {
        "names" : [
          "*"
        ],
        "privileges" : [
          "read",
          "write",
          "create_index",
          "manage_ilm"
        ],
        "field_security" : {
          "grant" : [
            "*"
          ],
          "except" : [ ]
        },
        "allow_restricted_indices" : false
      }
    ],
    "applications" : [ ],
    "run_as" : [ ],
    "metadata" : { },
    "transient_metadata" : {
      "enabled" : true
    }
  }
}

From the information that I was provided it looks like this is a known issue and is documented here: https://github.com/elastic/elasticsearch/issues/47500
Workaround is to add "manage" right at the index level for the role.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.