I do experience some issues with the admin account. I suspect I need to add more permissions to the account, or I am doing something wrong.
the log line is:
FORBIDDEN by default req={ ID:1759706464-825953394#8352581, TYP:SimulatePipelineRequest, CGR:N/A, USR:*****(?), BRS:false, KDX:null, ACT:cluster:admin/ingest/pipeline/simulate, OA:*******, DA:*****, IDX:<N/A>, MET:POST, PTH:/_ingest/pipeline/_simulate, CNT:<OMITTED, LENGTH=261>, HDR:{authorization=<OMITTED>, x-real-ip=****, Connection=keep-alive, content-type=application/json, Host=elasticsearch:9200, x-forwarded-for=******, Content-Length=261}, HIS:[Beats->[groups->false]], [Admin->[kibana_access->false, auth_key_sha256->true]], [readinesshealthcheck->[groups->false]], [Curator->[groups->false]], [:::RO:::->[groups->false]], [Cluster Monitoring->[groups->false]], [FluentD Logging indices->[groups->false]], [Logstash Logging indices->[groups->false]], [Rsyslog Logging indices->[groups->false]], [ElastAlert Logging indices->[groups->false]], [Kibana Server->[groups->false]] }
(I have cleaned the log by replacing some partsthe log)
The account is:
- username: <same as USR>
auth_key_sha256: e**b87f9d
groups:
- admin
Group:
- name: Admin
groups:
- admin
indices:
- '*'
kibana_access: admin
type: allow
Also similar situation with the Monitoring. Do I need some extra permissions explicitly to be set?