Upgrade Elastic and Kibana from 7.17 to 8.7 - S

charlot_Attard · May 10, 2023, 7:43am

Hello,

We are in the process of migrating our Elasticsearch and Kibana from 7.17 to 8.7. We are facing an issue where after upgrading Elasticsearch works out fine but when starting Kibana we are seeing these errors.

"Action failed with 'security_exception Root cause security_exception action [indices: adamin/create] is unathorized for user [username] with effective roles superuser on restricted indices [.kibana_8.71_001] This action is granted by the index priviliges [create_index,manage,alll]' Retrying attempt "

Any idea what can be the issue ? Thankyou

cperzrt10 · May 10, 2023, 3:11pm

Maybe the user that are writing not have the proper privileges?

warkolm · May 11, 2023, 12:02am

Have you looked at the roles of this user to make sure they have the requirements;

charlot_Attard · May 11, 2023, 7:44am

User has the role as superuser, from what I found out these seem to be protected indexes and its not possible to have these permissions on them. What way can I grant the user "elastic" authorization on those indices ?

Yang_Wang · May 12, 2023, 1:53am

Superuser no longer has write permission to system indices (.kibana is one of them) in 8.x. For running kibana, the recommendation is to use either the dedicate kibana_system user or the elastic/kibana service account instead of the elastic user. These can be configured with either elasticsearch.username and elasticsearch.password or elasticsearch.serviceAccountToken.

charlot_Attard · May 12, 2023, 1:15pm

Thanks a lot for your reply @Yang_Wang When I specified elastic.username and elastic.password for kibana_system. KIbana application still tried to access elastic via a user called "elasticdeploy" although this user is not specified in kibana.yml

elasticforme · May 12, 2023, 2:32pm

try this. I remember I had same issue as well

use kibana_system inbuilt user in kibana.yml for example.

# less /etc/kibana/kibana.yml |grep kibana
elasticsearch.username: "kibana_system"
elasticsearch.password: "kibana_password"

if you do not know the password of this user setup like this

/usr/share/elasticsearch/bin/elasticsearch-reset-password -i -u kibana_system

system · June 9, 2023, 2:33pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Security_exception: action [indices:admin/create] is unauthorized for user [elasticsearch] with effective roles [superuser] on restricted indices [.kibana_analytics_8.13.4_001], this action is granted by the index privileges [create_index,manage,all]' Kibana	2	194	August 1, 2024
Kibana upgrade to 8.9 from 7.17.12 security_exception reindex Kibana	4	454	October 2, 2023
Kibana doesn't start properly at upgrade from 7.17.1 to 8.3.2 Kibana	4	808	August 16, 2022
Kibana upgrade from 7 to 8.12 errors with security_exception on saved objects migration Kibana migration	2	209	February 21, 2024
Kibana 7.17.6 > 8 Kibana_system 403 unauthorized? Elasticsearch	4	139	January 31, 2024

Upgrade Elastic and Kibana from 7.17 to 8.7 - S

Related Topics