We are in the process of migrating our Elasticsearch and Kibana from 7.17 to 8.7. We are facing an issue where after upgrading Elasticsearch works out fine but when starting Kibana we are seeing these errors.
"Action failed with 'security_exception Root cause security_exception action [indices: adamin/create] is unathorized for user [username] with effective roles superuser on restricted indices [.kibana_8.71_001] This action is granted by the index priviliges [create_index,manage,alll]' Retrying attempt "
User has the role as superuser, from what I found out these seem to be protected indexes and its not possible to have these permissions on them. What way can I grant the user "elastic" authorization on those indices ?
Superuser no longer has write permission to system indices (.kibana is one of them) in 8.x. For running kibana, the recommendation is to use either the dedicate kibana_system user or the elastic/kibana service account instead of the elastic user. These can be configured with either elasticsearch.username and elasticsearch.password or elasticsearch.serviceAccountToken.
Thanks a lot for your reply @Yang_Wang When I specified elastic.username and elastic.password for kibana_system. KIbana application still tried to access elastic via a user called "elasticdeploy" although this user is not specified in kibana.yml