Unable to connect to Elastic Cloud using cloud_id and cloud_auth

Good morning,

I am trying to connect with the Elasticsearch Output Plugin using cloud_id and cloud_auth. I receive an error message about permissions to access https://my_cloud_instance/_license, which looks like a grant problem.

The Logstash configuration of the plugin:

output {
     elasticsearch {
          cloud_id => "my_cloud_id"
          cloud_auth => "my_user:my_password"
          index => "journaling_insert"
     }
}

If I try to access the same URL (https://my_cloud_instance.com/_license) that Logstash is complaining about through a browser and log in at the prompt, I receive the following message as well:

{
    "error": {
        "root_cause": [
            {
                "type": "security_exception",
                "reason": "action [cluster:monitor/xpack/license/get] is unauthorized for user [my_user] with effective roles [application_writer,ccsettlement_manager,dfm_location_detail_manager,epic_gl_txn_writer,gti_writer,journal_writer,monitoring_user,reportable_writer,virtualcard_writer], this action is granted by the cluster privileges [monitor,manage,all]"
            }
        ],
        "type": "security_exception",
        "reason": "action [cluster:monitor/xpack/license/get] is unauthorized for user [my_user] with effective roles [application_writer,ccsettlement_manager,dfm_location_detail_manager,epic_gl_txn_writer,gti_writer,journal_writer,monitoring_user,reportable_writer,virtualcard_writer], this action is granted by the cluster privileges [monitor,manage,all]"
    },
    "status": 403
}

That is a 403 Not Authorized.

Let’s clarify that if I use the HTTP Output Plugin with the same username and password:

output {
     http {
          http_method=>"post"
          format => "message"
          url => "https://my_cloud_instance/_bulk"
          content_type => "application/json"
          message => "%{[message]}"
          headers => { "Authorization" => "Basic my_hashed_user+password" } 
     }
}

it works perfectly fine.

Do you guys have any hint?

The root cause is pretty on point: your user does not have the required role to check the license version, which is cluster:monitor/xpack/license/get.

None of the roles that the user has will give this permission; you need to create a new role with it or edit an old one to add this.

You can also add the monitor cluster permission to add all monitoring permissions to the user.

The HTTP output works fine because it does not check for the license; the elasticsearch output does a pre-check for the license.

2 Likes
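
The fix described in the answer, as an added example that is not part of the original thread: it parses the `security_exception` reason string, picks the narrowest privilege Elasticsearch lists as sufficient, and builds the body for the role API (`PUT /_security/role/<name>`). The role name `logstash_license_check` and the helper names are hypothetical, and the sample reason is abridged from the error in the question.

```python
import json
import re

# Constructed sample: the "reason" field from the 403 in the question, role list abridged.
SAMPLE_REASON = (
    "action [cluster:monitor/xpack/license/get] is unauthorized for user [my_user] "
    "with effective roles [application_writer,journal_writer,monitoring_user], "
    "this action is granted by the cluster privileges [monitor,manage,all]"
)

# Cluster privileges from narrowest to broadest: manage builds on monitor, all covers both.
BREADTH = ["monitor", "manage", "all"]

PATTERN = re.compile(
    r"action \[(?P<action>[^\]]+)\] is unauthorized for user \[(?P<user>[^\]]+)\]"
    r"(?: with effective roles \[(?P<roles>[^\]]*)\])?"
    r".*?granted by the (?P<scope>cluster|index) privileges \[(?P<privs>[^\]]+)\]"
)

def parse_denial(reason):
    """Split a security_exception reason into action, user, roles and granting privileges."""
    m = PATTERN.search(reason)
    if m is None:
        raise ValueError("not a recognised security_exception reason")
    d = m.groupdict()
    d["roles"] = [r for r in (d["roles"] or "").split(",") if r]
    d["privs"] = d["privs"].split(",")
    return d

def narrowest(privs):
    """Return the least powerful privilege among those that would grant the action."""
    known = [p for p in BREADTH if p in privs]
    if not known:
        raise ValueError("no known cluster privilege in %r" % (privs,))
    return known[0]

def role_request(reason, role_name="logstash_license_check"):  # hypothetical role name
    """Build (request line, JSON body, affected user) for a cluster-only role."""
    d = parse_denial(reason)
    if d["scope"] != "cluster":
        raise ValueError("only cluster-privilege denials are handled here")
    body = {"cluster": [narrowest(d["privs"])]}
    return "PUT /_security/role/" + role_name, body, d["user"]

if __name__ == "__main__":
    path, body, user = role_request(SAMPLE_REASON)
    print(path)
    print(json.dumps(body, indent=2))
    print("then add this role to user:", user)
```

The role carries no index privileges, so the user's existing writer roles keep governing what it can write; the new role only has to be added to the user alongside them.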