I have a requirement to restrict access to specific indices. I’ve created both a role and a role mapping, following the examples in the SG documentation. The first thing I attempted to do was to create a role and role mapping for the indices that aren’t restricted. However, users in the assigned user group (as well as the local test user) aren’t able to even log in with these mappings in effect.
When I attempt to log in, I get:
{"message":"no permissions for [indices:data/read/search] and User [name=testuser01, roles=[beats_readall], requestedTenant=null]: [security_exception] no permissions for [indices:data/read/search] and User [name=testuser, roles=[beats_readall], requestedTenant=null]","statusCode":403,"error":"Forbidden"}
My role definition is:
beats_readall:
  cluster:
    - "CLUSTER_COMPOSITE_OPS_RO"
  indices:
    'myapp1-*':
      '*':
        - "READ"
    'myapp2-*':
      '*':
        - "READ"
    'myapp3-*':
      '*':
        - "READ"
My role mapping is:
beats_readall:
  backendroles:
    - "MyUserGroup"
  hosts: []
  users:
    - "testuser01"