Unable to craeate the Custom role when using shield with kibana

security

(balaji) #1

Hi,

My ES version is :1.5.2
shield is:2.3
kibana:4.1.11

1.in /etc/elasticsearch/shield/roles.yml i have added role in the below way to only read the index '.marvel-2016.08.30' through the kibana

my_kibana_user:
cluster:
- cluster:monitor/nodes/info
- cluster:monitor/health
indices:
- names: '.marvel-2016.08.30'
privileges:
- view_index_metadata
- read
- names: '.kibana*'
privileges:
- manage
- read
- index

2.created user
bin/shield/esusers useradd test2 -r kibana4 -p pwd

3in kibana.yml added
kibana_elasticsearch_username: test2
kibana_elasticsearch_password: pwd

NOw when on kibana ./kibana

but iam getting error
{"name":"Kibana","hostname":"localhost.localdomain","pid":20806,"level":50,"err":{"message":"AuthorizationException[action [cluster:monitor/health] is unauthorized for user [test2]]","name":"Error","stack":"Error: AuthorizationException[action [cluster:monitor/health] is unauthorized for user [test2]]\n at respond (/home/ktree/kibana-4.1.11-linux-x64/src/node_modules/elasticsearch/src/lib/transport.js:235:15)\n

Can anyone please help me out how to create a custom role.

Thnaks


(Christian Dahlqvist) #2

From what I can see in the compatibility matrix it looks like you are running an unsupported combination of Shield and Elasticsearch. Are your versions correct?


(balaji) #3

Thanks a lot for quick reply

*Yes iam using that versions only.i have installed shield by
plugin -install /elasticsearch/shield/latest
so it will install shield 2.3only right?
*And my kibana is 4.1.11
my es is 1.5.2/.
..........
That link helpmed me................But getting same error...........Please help me out


(balaji) #4

HI i have canges the license to 1.0.0 and shield to 1.3.0 but still getting the same....

Plaese help me out


(system) #5