Hello,
I’m running SG and ES 5.2.2. No matter what role I pin my user to, I cannot run many ES commands (requests) and simply see the following error:
{
“error” : {
“root_cause” : [
{
“type” : “security_exception”,
“reason” : “no permissions for indices:monitor/stats”
}
],
“type” : “security_exception”,
“reason” : “no permissions for indices:monitor/stats”
},
“status” : 403
}
``
Today, this problem arose when I ran
curl ‘http://localhost:9200/_cat/indices?v&pretty=true’ -u awesomeuser:awesomepass
``
This user is successfully mapped to the following role:
sg_all_access_2:
cluster:
indices:
‘*’:
‘*’:
``
The ActionGroups are untouched.
To me the following proves that the user is mapped to the role correctly:
[RolesChecked [sg_all_access_2, sg_delete, sg_monitor, sg_public]]
``
Please give me some insight into what could be wrong here. Maybe it’s fixed in a later version?
Please and thank you,
Marco.
Pls send/post your logfiles and make sure you no more than one filtered alias defined.
···
On Thursday, 27 July 2017 16:35:39 UTC+2, mco…@n…com wrote:
Hello,
I’m running SG and ES 5.2.2. No matter what role I pin my user to, I cannot run many ES commands (requests) and simply see the following error:
{
“error” : {
“root_cause” : [
{
“type” : “security_exception”,
“reason” : “no permissions for indices:monitor/stats”
}
],
“type” : “security_exception”,
“reason” : “no permissions for indices:monitor/stats”
},
“status” : 403
}
``
Today, this problem arose when I ran
curl ‘http://localhost:9200/_cat/indices?v&pretty=true’ -u awesomeuser:awesomepass
``
This user is successfully mapped to the following role:
sg_all_access_2:
cluster:
indices:
‘*’:
‘*’:
``
The ActionGroups are untouched.
To me the following proves that the user is mapped to the role correctly:
[RolesChecked [sg_all_access_2, sg_delete, sg_monitor, sg_public]]
``
Please give me some insight into what could be wrong here. Maybe it’s fixed in a later version?
Please and thank you,
Marco.
For some reason, I am not encountering this problem at all today. Let’s ignore this for now. Thank you for your time.
···
On Thursday, July 27, 2017 at 9:29:20 PM UTC+2, Search Guard wrote:
Pls send/post your logfiles and make sure you no more than one filtered alias defined.
On Thursday, 27 July 2017 16:35:39 UTC+2, mco…@n…com wrote:
Hello,
I’m running SG and ES 5.2.2. No matter what role I pin my user to, I cannot run many ES commands (requests) and simply see the following error:
{
“error” : {
“root_cause” : [
{
“type” : “security_exception”,
“reason” : “no permissions for indices:monitor/stats”
}
],
“type” : “security_exception”,
“reason” : “no permissions for indices:monitor/stats”
},
“status” : 403
}
``
Today, this problem arose when I ran
curl ‘http://localhost:9200/_cat/indices?v&pretty=true’ -u awesomeuser:awesomepass
``
This user is successfully mapped to the following role:
sg_all_access_2:
cluster:
indices:
‘*’:
‘*’:
``
The ActionGroups are untouched.
To me the following proves that the user is mapped to the role correctly:
[RolesChecked [sg_all_access_2, sg_delete, sg_monitor, sg_public]]
``
Please give me some insight into what could be wrong here. Maybe it’s fixed in a later version?
Please and thank you,
Marco.