been working with ES 6.2.4 and ROR readonlyrest-1.16.19_es6.2.4.zip on my local successfully. However, on deploying the same to AWS Cloud, I am getting this error. The readonlyrest yml is also configured as shown below. Any ideas what could cause the ROR plugin to behave differently on AWS EC2 as opposed to local (windows)?
readonlyrest:
prompt_for_basic_auth: false
access_control_rules:
- name: "::KIBANA-SRV 1::"
kibana_access: admin
auth_key: kibana:kibana
verbosity: error
- name: "::RO::"
auth_key: converse:converseread
kibana_access: ro
indices: [ ".kibana", ".kibana-devnull", "logstash-*"]
kibana_hide_apps: ["readonlyrest_kbn", "timelion", "kibana:dev_tools", "kibana:management"]
- name: "::RW::"
auth_key: converse:$apr1$JRxL0HOz$ndMHCirazDfTZznLy.icH1
kibana_access: rw
indices: [".kibana", ".kibana-devnull", "logstash-*"]
kibana_hide_apps: ["readonlyrest_kbn"]
- name: "Global Write/Admin Access"
auth_key: elastic:$apr1$JRxL0HOz$ndMHCirazDfTZznLy.icH1
type: allow
actions: ["indices:data/write/*","indices:admin/*", "cluster:admin/*", "cluster:monitor/*", "indices:monitor/*"]
verbosity: error
- name: "Route53 Access"
type: allow
x_forwarded_for: ["0.0.0.0/0"]
actions: ["cluster:monitor/*", "indices:admin/get", "indices:admin/aliases", "indices:admin/aliases/*", "indices:admin/analyze", "indices:monitor/*", "indices:data/read/*"]
verbosity: error
- name: "::NGINX-RESTRICTED-GROUP::"
indices: [".kibana", ".kibana_@{user}", "@{user}_logstash-*"]
headers: ["x-forwarded-group:restricted"]
kibana_access: "ro"
kibana_hide_apps: ["readonlyrest_kbn", "apm", "timelion", "kibana:dev_tools", "kibana:management"]
proxy_auth:
proxy_auth_config: "proxy1"
users: ["*"]
verbosity: info
- name: "::NGINX-READONLY-GROUP::"
- indices: [".kibana", ".kibana_@{user}", "@{user}_logstash-*"]
headers: ["x-forwarded-group:readonly"]razDfTZznLy.icH1
kibana_access: "ro"
proxy_auth:
proxy_auth_config: "proxy1"
users: ["*"]
verbosity: info
- name: "::NGINX-ADMIN-GROUP::"
indices: [".kibana", ".kibana_@{user}", "@{user}_logstash-*"]
actions: ["indices:data/read/*", "indices:data/write/*" ]
headers: ["x-forwarded-group:admin"]
kibana_access: admin
proxy_auth:
proxy_auth_config: "proxy1"
users: ["*"]
verbosity: info
proxy_auth_configs:
- name: "proxy1"
user_id_header: "x-forwarded-user"
ERROR
[rank-eval]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded module [reindex]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded module [repository-url]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded module [transport-netty4]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded module [tribe]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded plugin [discovery-ec2]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded plugin [readonlyrest]
[2018-05-30T13:18:25,219][INFO ][o.e.p.PluginsService ] [ip-10-203-122-126.myhost.com] loaded plugin [repository-s3]
[2018-05-30T13:18:27,246][INFO ][t.b.r.e.SettingsObservableImpl] Read data from /etc/elasticsearch/readonlyrest.yml
[2018-05-30T13:18:27,387][INFO ][t.b.r.e.IndexLevelActionFilter] [ip-10-203-122-126.myhost.com] Read data from /etc/elasticsearch/readonlyrest.yml
[2018-05-30T13:18:27,403][INFO ][t.b.r.e.IndexLevelActionFilter] [ip-10-203-122-126.myhost.com] Settings observer refreshing…
[2018-05-30T13:18:27,497][ERROR][t.b.r.e.IndexLevelActionFilter] [ip-10-203-122-126.myhost.com] Cannot configure ReadonlyREST plugin
tech.beshu.ror.commons.settings.SettingsMalformedException: Unknown rule name: ‘headers’
at tech.beshu.ror.settings.RulesSettingsCreatorsRegistry.create(RulesSettingsCreatorsRegistry.java:120) ~[?:?]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193) ~[?:1.8.0_171]
at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175) ~[?:1.8.0_171]
at java.util.Iterator.forEachRemaining(Iterator.java:116) ~[?:1.8.0_171]