I am trying out new -vc,--validate-configs <version>
flag of sgadmin, but it doesn’t pass the example of Permissions and action groups
of version 7.x-36.0.0
from this page.
I am getting following error:
ERR: Seems /elasticsearch/my_repo/sg_action_groups.yml is not in SG 7 format: com.fasterxml.jackson.databind.JsonMappingException: No enum constant com.floragunn.searchguard.sgconf.impl.CType.ACTIONSGROUPS
at [Source: {"_sg_meta":{"type":"actionsgroups","config_version":2},"MY_ACTION_GROUP":{"reserved":false,"allowed_actions":["indices:data/read/search*","indices:data/read/msearch*","MY_OTHER_ACTION_GROUP"]},"MY_OTHER_ACTION_GROUP":{"reserved":true,"description":"my other action group","type":"index","allowed_actions":["indices:data/read/suggest*"]}}; line: 1, column: 21] (through reference chain: com.floragunn.searchguard.sgconf.impl.SgDynamicConfiguration["_sg_meta"]->com.floragunn.searchguard.sgconf.impl.Meta["type"])
The procedure I followed:
- mkdir -p /elasticsearch/my_repo
- create a file called sg_action_groups.yml that contains following yaml:
_sg_meta:
type: "actionsgroups"
config_version: 2
MY_ACTION_GROUP:
reserved: false
allowed_actions:
- "indices:data/read/search*"
- "indices:data/read/msearch*"
- MY_OTHER_ACTION_GROUP
MY_OTHER_ACTION_GROUP:
reserved: true
description: "my other action group"
type: "index"
allowed_actions:
- "indices:data/read/suggest*"
- Run sgafmin config validation
/elasticsearch/plugins/search-guard-7/tools/sgadmin.sh -vc 7 -cd "/elasticsearch/my_repo"
The full log:
bash-4.4# /elasticsearch/plugins/search-guard-7/tools/sgadmin.sh -vc 7 -cd "/elasticsearch/my_repo"
Search Guard Admin v7
Validate configuration for Version 7
ERR: Seems /elasticsearch/my_repo/sg_action_groups.yml is not in SG 7 format: com.fasterxml.jackson.databind.JsonMappingException: No enum constant com.floragunn.searchguard.sgconf.impl.CType.ACTIONSGROUPS
at [Source: {"_sg_meta":{"type":"actionsgroups","config_version":2},"MY_ACTION_GROUP":{"reserved":false,"allowed_actions":["indices:data/read/search*","indices:data/read/msearch*","MY_OTHER_ACTION_GROUP"]},"MY_OTHER_ACTION_GROUP":{"reserved":true,"description":"my other action group","type":"index","allowed_actions":["indices:data/read/suggest*"]}}; line: 1, column: 21] (through reference chain: com.floragunn.searchguard.sgconf.impl.SgDynamicConfiguration["_sg_meta"]->com.floragunn.searchguard.sgconf.impl.Meta["type"])
ERR: Seems /elasticsearch/my_repo/sg_internal_users.yml is not in SG 7 format: java.io.FileNotFoundException: /elasticsearch/my_repo/sg_internal_users.yml (No such file or directory)
ERR: Seems /elasticsearch/my_repo/sg_roles.yml is not in SG 7 format: java.io.FileNotFoundException: /elasticsearch/my_repo/sg_roles.yml (No such file or directory)
ERR: Seems /elasticsearch/my_repo/sg_roles_mapping.yml is not in SG 7 format: java.io.FileNotFoundException: /elasticsearch/my_repo/sg_roles_mapping.yml (No such file or directory)
ERR: Seems /elasticsearch/my_repo/sg_config.yml is not in SG 7 format: java.io.FileNotFoundException: /elasticsearch/my_repo/sg_config.yml (No such file or directory)