Hi Guys,
I'm trying to understand how X-Pack work but i think i miss something,
Lets say in my Kibana i have the following patterns:
prod-java*
prod-nodejs*
and i would like to create a role, that role will map a read permission to only "prod-java*" pattern,
so i create the role by the following command:
POST _xpack/security/role/prod-java-reader
{
"cluster": [ "monitor" ],
"indices": [
{
"names": [ "prod-java*" ],
"privileges": [
"read",
"index",
"indices:data/read/search[phase/query]",
"indices:admin/validate/query",
"indices:data/read/search",
"indices:data/read/msearch",
"indices:data/read/field_stats"]
}
]
}
After i create the role, i assigned the following roles to my user : [kibana_user,prod-java-reader]
i login successfully, but when i switch to the pattern prod-java* i got the following error:
Unauthorized 403 for /search/read/data
Please take the time to correctly format your posts either using (```) blocks or the </> button. it is very hard to read unformatted snippets. Please take the time to fix this in your post, this will greatly improve the chances of your question being answered.
read should be enough for read only access, you don't need any of the other ones. .
Please copy and paste the exact error you get. It is very hard to figure out what goes on when you paste approximations of the error messages.
Please don't post images of text as they are hard to read, may not display correctly for everyone, and are not searchable.
Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. This makes it more likely that your question will receive a useful answer.
It would be great if you could update your post to solve this.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.