Hi folks,
I am trying to create a role which should be able to manage signals (read, create new and update existing).
While I manage it to grant the test user assigned to role a view on existing signals each time when I try to open an existing signal I have following error pop up:
{
"statusCode": 403,
"error": "Forbidden",
"message": "security_exception",
"attributes": {
"body": {
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "no permissions for [indices:admin/aliases/get] and User testuser <basic/internal>"
}
],
"type": "security_exception",
"reason": "no permissions for [indices:admin/aliases/get] and User testuser <basic/internal>"
},
"status": 403
}
}
}
In dev Tools of my browser (network) I see that following call to following endpoint fails with 403:
https://kibana.url/api/searchguard-signals/_aliases
This is my role:
{
"description": "",
"cluster_permissions": [
"SGS_CLUSTER_COMPOSITE_OPS"
],
"index_permissions": [
{
"allowed_actions": [
"indices:admin/aliases/get"
],
"index_patterns": [
".*",
"searchguard*",
"signal*"
],
"fls": [],
"masked_fields": []
}
],
"tenant_permissions": [
{
"allowed_actions": [
"SGS_SIGNALS_WATCH_MANAGE"
],
"tenant_patterns": [
"*",
"SGS_GLOBAL_TENANT"
]
}
],
"exclude_cluster_permissions": [],
"exclude_index_permissions": []
}
What am I missing?