no permissions for indices:data/read/mget indices:data/write/bulk

I defined my own role and user as follows:
sg_roles.yml:
sg_normal_user:
  indices:
    '*':
      '*':
        - '*'
        - indices:data/write/bulk
  cluster:
    - cluster:monitor/*


sg_roles_mapping.yml:
sg_normal_user:
  users:
    - es_user

Indexing or getting a single piece of data succeeds.
I encountered 'no permissions for indices:data/read/mget' in Kibana, and 'no permissions for indices:data/write/bulk' when testing bulk requests.
If I change the cluster permission in my sg_roles.yml:

sg_normal_user:
  indices:
    '*':
      '*':
        - '*'
  cluster:
    - '*'

Everything goes OK. Thus I have to open all access for ordinary users.

search-guard: 5.2.2-12
elasticsearch: 5.2.2
system: CentOS7

I wonder if anyone can help me.

because I copied my config from searchguard2.x

On Wednesday, April 19, 2017 at 11:13:05 AM UTC+8, wagq…@gmail.com wrote:

···


There are some changes in the permission schema between ES2.x and ES5.x, so simply copying the permissions over will not work.

Please have a look at the files plugins/search-guard5/sgconfig/sg_action_groups.yml and sg_roles.yml for a working example.

A regular Kibana user needs the following permissions on cluster level:

  • CLUSTER_COMPOSITE_OPS_RO

The kibana server user needs:

  • CLUSTER_MONITOR
  • CLUSTER_COMPOSITE_OPS
···

On Wednesday, April 19, 2017 at 9:53:19 AM UTC+2, wagqighua@gmail.com wrote:

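An added sketch, not part of the thread and not Search Guard's own code, that models the cluster-level check behind the two error messages and compares the copied role, the open-everything workaround and a role built from the action groups named in the reply. The action-group contents, the glob-style matching and the sample admin action are assumptions for illustration; the authoritative definitions are in sg_action_groups.yml.

```python
from fnmatch import fnmatchcase

# Assumed, abbreviated action-group contents for this sketch; the real
# definitions live in sg_action_groups.yml and may differ by version.
ACTION_GROUPS = {
    "CLUSTER_COMPOSITE_OPS_RO": ["indices:data/read/mget"],
    "CLUSTER_COMPOSITE_OPS": ["indices:data/write/bulk", "CLUSTER_COMPOSITE_OPS_RO"],
    "CLUSTER_MONITOR": ["cluster:monitor/*"],
}

def expand(perms, groups=ACTION_GROUPS, seen=None):
    """Resolve action-group names (recursively) into action patterns."""
    seen = set() if seen is None else seen
    patterns = []
    for p in perms:
        if p in groups:
            if p not in seen:  # guard against cyclic group definitions
                seen.add(p)
                patterns += expand(groups[p], groups, seen)
        else:
            patterns.append(p)
    return patterns

def cluster_allows(role, action):
    """True if any cluster-level pattern of the role matches the action."""
    return any(fnmatchcase(action, pat) for pat in expand(role.get("cluster", [])))

def audit(role, needed, forbidden):
    """Return (needed actions that are denied, forbidden actions that are granted)."""
    missing = [a for a in needed if not cluster_allows(role, a)]
    excess = [a for a in forbidden if cluster_allows(role, a)]
    return missing, excess

# Cluster sections of the two roles from the thread, plus a narrower role
# built from the action groups named in the reply (assumed combination).
COPIED_FROM_2X = {"cluster": ["cluster:monitor/*"]}
OPEN_EVERYTHING = {"cluster": ["*"]}
LEAST_PRIVILEGE = {"cluster": ["CLUSTER_MONITOR", "CLUSTER_COMPOSITE_OPS"]}

NEEDED = ["indices:data/read/mget", "indices:data/write/bulk"]
FORBIDDEN = ["cluster:admin/settings/update"]  # constructed sample of an admin action

if __name__ == "__main__":
    for name, role in [("copied", COPIED_FROM_2X), ("open", OPEN_EVERYTHING),
                       ("least", LEAST_PRIVILEGE)]:
        print(name, audit(role, NEEDED, FORBIDDEN))
```

The copied role is missing both composite actions, the wildcard role grants them along with the admin action, and the action-group role grants only what is needed.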