Hi Team, I am new to Search Guard.
I could able to configure SG with ES and Kibana. But i am getting an issue while assigning a role to user.
User is able to login, but getting permission issues. Below are the logs…
Error on Browser:
{"message":"no permissions for [indices:data/read/search] and User [name=user1, roles=[SG_MY_ROLE], requestedTenant=null]: [security_exception] no permissions for [indices:data/read/search] and User [name=user1, roles=[SG_MY_ROLE], requestedTenant=null]","statusCode":403,"error":"Forbidden"}
Error on search Guard logs:
No index-level perm match for User [name=user1, roles=[SG_MY_ROLE], requestedTenant=null] Resolved [aliases=[.kibana], indices=[], allIndices=[.kibana_1], types=[*], originalRequested=[.kibana], remoteIndices=[]] [Action [indices:data/read/search]] [RolesChecked [SG_MY_ROLE, SGS_OWN_INDEX]]
Here is my sg_roles.yml
SG_MY_ROLE:
description: “my search guard role”
cluster_permissions:
- SGS_CLUSTER_ALL
- indices:*
index_permissions:
- index_patterns:
- “localdocs”
allowed_actions:
- SGS_INDICES_ALL
- indices:data/read/search
- indices:data/read/mget*
- indices:data/read/msearch*
here is my sg_role_mapping.yml:
SG_MY_ROLE:
reserved: true
users:
- “user1”
i have googled and applied below few things but still facing the same issue…
- indices:data/read/search
- indices:data/read/mget*
- indices:data/read/msearch*
but surprisingly it is working when i set index_pattern to * like below…
index_permissions:
- index_patterns:
- “*”
But i want to apply permission to only one index_pattern. Can some one help me on it.
Thanks in Advance.
Paramesh.