Error when starting Elasticsearch-6.1.2-No permissions for {sg_own_index=[IndexType [index=myindex

Hello,

Please help me with below two errors I see while bringing up Elasticsearch –

Error 1 - [c.f.s.c.PrivilegesEvaluator] No permissions for {sg_own_index=[IndexType [index=myindex-2018.08.22, type=]], sg_logstash=[IndexType [index=myindex-2018.08.22, type=]]}
Error 2 -[2018-08-22T17:55:02,646][INFO ][c.f.s.c.PrivilegesEvaluator] No index-level perm match for User [name=logstash, roles=[logstash], requestedTenant=null] [IndexType [index=myindex-2018.08.22, type=*]] [Action [[indices:admin/create]]] [RolesChecked [sg_logstash, sg_own_index]]

SG Version - search-guard-6-6.1.2-22.3
Elastic/Logstash - 6.1.2
JAVA 1.8.0_66-b31

sg_roles.yml

···

sg_logstash:
cluster:
- CLUSTER_MONITOR
- CLUSTER_COMPOSITE_OPS
- indices:admin/template/get
- indices:admin/template/put
- indices:data/write/bulk*
indices:
‘logstash-’:
'
’:
- CRUD
- CREATE_INDEX
‘myindex-’:
'
’:
- CRUD
- CREATE_INDEX
beat’:
‘*’:
- CRUD
- CREATE_INDEX

sg_own_index:

cluster:
- CLUSTER_COMPOSITE_OPS
indices:
‘${user_name}’:
‘*’:
- INDICES_ALL


sg_roles_mapping.yml

sg_logstash:
backendroles:
- logstash


Logstash – output

output {

elasticsearch {
user => logstash
password => logstash
ssl => true
ssl_certificate_verification => false
index => “myindex-%{+YYYY.MM.dd}”
hosts => [“xx.xx.xx.xx:nnnn”]
}
}


Did you copy the config files verbatim here? You may have an indentation error in the config, but it may be a copy and paste error, please check:

‘myindex-*’:

‘*’:

  • CRUD

  • CREATE_INDEX

``

Here the index name (“myindex-") and the document type ("”) are on the same level. Thus it is interpreted like two indices. Try this and see if it makes a difference:

‘myindex-*’:

‘*’:

  • CRUD

  • CREATE_INDEX

This should be done for all indices. If it is a copy&paste error, please post your original config files here.

···

On Wednesday, August 22, 2018 at 6:19:31 PM UTC-5, Dharma Thadi wrote:

Hello,

Please help me with below two errors I see while bringing up Elasticsearch –

Error 1 - [c.f.s.c.PrivilegesEvaluator] No permissions for {sg_own_index=[IndexType [index=myindex-2018.08.22, type=]], sg_logstash=[IndexType [index=myindex-2018.08.22, type=]]}
Error 2 -[2018-08-22T17:55:02,646][INFO ][c.f.s.c.PrivilegesEvaluator] No index-level perm match for User [name=logstash, roles=[logstash], requestedTenant=null] [IndexType [index=myindex-2018.08.22, type=*]] [Action [[indices:admin/create]]] [RolesChecked [sg_logstash, sg_own_index]]

SG Version - search-guard-6-6.1.2-22.3
Elastic/Logstash - 6.1.2
JAVA 1.8.0_66-b31

sg_roles.yml

sg_logstash:
cluster:
- CLUSTER_MONITOR
- CLUSTER_COMPOSITE_OPS
- indices:admin/template/get
- indices:admin/template/put
- indices:data/write/bulk*
indices:
‘logstash-’:
'
’:
- CRUD
- CREATE_INDEX
‘myindex-’:
'
’:
- CRUD
- CREATE_INDEX
beat’:
‘*’:
- CRUD
- CREATE_INDEX

sg_own_index:

cluster:
- CLUSTER_COMPOSITE_OPS
indices:
‘${user_name}’:
‘*’:
- INDICES_ALL


sg_roles_mapping.yml

sg_logstash:
backendroles:
- logstash


Logstash – output

output {

elasticsearch {
user => logstash
password => logstash
ssl => true
ssl_certificate_verification => false
index => “myindex-%{+YYYY.MM.dd}”
hosts => [“xx.xx.xx.xx:nnnn”]
}
}