Why do I not have permissions to the indices tab of my Elastic Search domain?
I created a domain in Elastic Search which I appear to be able to administrate correctly. It seems to have data coming in, but in the dashboard I get a permissions error under the Indices tab:
/_stats: {"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:monitor/stats] and User [name=arn:aws:iam::6730xxxxxxxxx8:role/Admin, backend_roles=[arn:aws:iam::6730xxxxxxxxxx8:role/Admin], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:monitor/stats] and User [name=arn:aws:iam::6730xxxxxxxxx8:role/Admin, backend_roles=[arn:aws:iam::6730xxxxxxxxx8:role/Admin], requestedTenant=null]"},"status":403}
I have access set to "Open access", so I don't see why this wouldn't work?
Any ideas?
- Newest
- Most votes
- Most comments
Could be a fine grained access missing. ES has fine grained access control, please check the below
Index-Level Security
Index-level permissions include the ability to create new indices, search indices, read and write documents, delete documents, manage aliases, and more. Manage these permissions using the Index Permissions tab when creating a role. For a list of index-level action groups, see the Open Distro for Elasticsearch documentation
. https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html
also, check the role mapping for the user “ arn:aws:iam::xxxxxx” a
To create a role mapping, login to Kibana, navigate to Security > Role Mappings, and click Create role mapping. Give your role mapping a unique name and choose which roles you wish to assign to your users.
https://aws.amazon.com/blogs/database/set-access-control-for-amazon-elasticsearch-service/
Relevant content
AWS OFFICIALUpdated 10 months ago- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a year ago
Hi. Did you solve this? I have the same issue.