We are using org.elasticsearch:elasticsearch-spark-20_2.11:5.3.0 for EsSpark.
When we do SaveToES or SaveJsonToES, the same es user which works for logstash and curl always get denied with the following error:
action [indices:admin/refresh] is unauthorized for user [reader_writer]
This user has the role with following privs:
indices is ‘*’ with privs of write, create_index, monitor.
That is enough for logstash, why not for Spark saveToES?
When we add "manage" to the role, it is able to do SaveToES,
Does anybody have the same problem and share please?