Can't restore
44 views
Skip to first unread message
Sacha FROMENT
May 31, 2017, 11:43:47 AM5/31/17
to Search Guard
Hello,
I'm trying to restore my db but I always get: ```{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "no permissions for cluster:admin/snapshot/restore"
}
],
"type" : "security_exception",
"reason" : "no permissions for cluster:admin/snapshot/restore"
},
"status" : 403
}```
So I searched in the doc and find this https://github.com/floragunncom/search-guard-docs/blob/master/snapshots.md.
Even my creating a new roles in sg_roles.yml and applied it, it doesn't change anything.
On the server side: ```2017-5-31 17:22:18[2017-05-31T15:22:18,904][WARN ][c.f.s.c.PrivilegesEvaluator] cluster:admin/snapshot/restore is not allowed for a regular user
```
I think I'm missing a point here...
sg_roles.yaml:
```
sg_restore:
cluster:
- cluster:admin/snapshot/restore
indices:
- indices:data/write/index
- indices:admin/create
```
sg_roles_mapping.yaml
```
sg_restore:
users:
- restore
- admin
```
search guard version 5.2.2
openjdk version "1.8.0_121"
OpenJDK Runtime Environment (build 1.8.0_121-8u121-b13-1~bpo8+1-b13)
OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)
5 node (1 master 2 data 1 client)
SG
May 31, 2017, 11:49:34 AM5/31/17
to search...@googlegroups.com
as described in the docs you need to set:
searchguard.enable_snapshot_restore_privilege: true
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/fb2af60a-80b8-405a-a586-783ded89de0d%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
searchguard.enable_snapshot_restore_privilege: true
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/fb2af60a-80b8-405a-a586-783ded89de0d%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Message has been deleted
Sacha FROMENT
May 31, 2017, 12:21:39 PM5/31/17
to Search Guard
On Wednesday, 31 May 2017 17:49:34 UTC+2, Search Guard wrote:
as described in the docs you need to set:
searchguard.enable_snapshot_restore_privilege: true
My bad I have set it to false like an idiot sorry
Reply all
Reply to author
Forward
0 new messages