What roles are needed for a user to create, write, & delete watchers?

We have a user defined for this purpose which has the watcher_admin role, but when we do a put to create a watcher we get the error msg: cluster:admin/script/put is unauthorized for this user.

If the watcher_admin role is not sufficient, what else do we need?

which Elasticsearch version are you on. Can you share the command you are using to store the watch?

Below are 2 curl commands that we use frequently, deleting and creating. In this case, I’m trying to create a stored script instead of a watcher. This is what is giving us the error.

curl --user user:password --request DELETE "https://es.prod.business.comcast.com:443/_scripts/getTopKeyValuesByCondition" --cacert certfile.crt

curl --user user:password --header "Content-Type: application/json" --request POST "https://es.prod.business.comcast.com:443/_scripts/getTopKeyValuesByCondition" --data-ascii "@curlstoredscript_getTopKeyValuesByCondition.json" --cacert

if you want to store scripts, you need that particular privilege as well. On top of my head this is part of the manage cluster privilege.

I think it might make sense to allow storing/deleting/getting script as part of manage_watcher. I will open an issue for this.

Thank you!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.