Admin users receive 'no permissions' error when default Kibana query is run
Issue
-
Upon query such as the default Kibana Dev Tools query below, users with /admin role receive a no permissions error.
-
This happens in an EFK instance with SearchGuard and there is a similar known bug.
GET _search
{
"query": {
"match_all": {}
}
}
- Outputs something like:
"error"
"root_cause"..
"type": "security_exception"
"reason": "no permissions for [indices:data/read/search] and User [name=user, roles=[gen_kibana_.....]
Environment
- OpenShift Container Platform 3.11
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.