Elasticsearch jobs in OCP 4 failing due to "no permissions for [indices:admin/rollover] and User [name=system:serviceaccount:openshift-logging:elasticsearch, roles=[admin_reader], requestedTenant=null]"
Issue
- The jobs of elasticsearch's app,infra and audit for rollover and delete are failing with security_exception error.
{"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:admin/aliases/get] and User [name=system:serviceaccount:openshift-logging:elasticsearch, roles=[admin_reader], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:admin/aliases/get] and User [name=system:serviceaccount:openshift-logging:elasticsearch, roles=[admin_reader], requestedTenant=null]"},"status":403}
Error while attemping to determine the active write alias: {"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:admin/aliases/get] and User [name=system:serviceaccount:openshift-logging:elasticsearch, roles=[admin_reader], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:admin/aliases/get] and User [name=system:serviceaccount:openshift-logging:elasticsearch, roles=[admin_reader], requestedTenant=null]"},"status":403}
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4.5
- 4.6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.