I have a user that's running some 3rd party code utilizing the python client. It looks like it tries to do a HEAD request on a non-existent index (checking that it isn't there before creating it, I'm told) but instead of getting a 404, it's receiving a 403. The account being used has read, create_index, delete_index, and write on indices with names fitting the pattern it's trying to HEAD for, but it's getting a 'denied' rather than 'not found'. What privilege would need to be added to that account to permit a HEAD operation in addition to GET/PUT/POST/DELETE? I can't find anything specific to it in the docs.
cbarton (Chris Barton) #1
ikakavas (Ioannis Kakavas) #2
This is not because of the HTTP operation used. A
GET would have the same results as
Your user also needs the
view_index_metadata privilege on that index pattern
cbarton (Chris Barton) #3
That took care of it, many thanks!