Unable to restore an ElasticSearch snapshot with Security Error

Hello,

I’m using ElasticSearch 6.7.2 with Search Guard and Google Cloud Storage Repository Plugin (Google Cloud Storage repository plugin | Elasticsearch Plugins and Integrations [master] | Elastic) using Google Cloud Storage as a repository for my Snapshots.

I can create the Snapshots without any problem. They doesn’t contains the searchguard index and I set “include_global_state” parameter as false.

But I cannot restore any of my snapshots. When I try, I get the error:

{
“error”: {
“root_cause”: [
{
“type”: “security_exception”,
“reason”: “no permissions for and User [name=admin, roles=[admin], requestedTenant=null]”
}
],
“type”: “security_exception”,
“reason”: “no permissions for and User [name=admin, roles=[admin], requestedTenant=null]”
},
“status”: 403
}

As you can see, I’m using the admin user for test the request, and I keep the defaults roles.

The cluster logs:

[2019-05-27T21:01:24,056][WARN ][c.f.s.p.SnapshotRestoreEvaluator] [node_hot_1] cluster:admin/snapshot/restore is not allowed for a regular user

Has any Search Guard configuration I must set to work with _restore API?

For SG6, you need to set:

searchguard.enable_snapshot_restore_privilege: true

in elasticsearch.yml.

This has been changed in SG7 where “true” is now the default.

Now are working fine. Thanks you.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.