Hi all,
I’ve started up OD Kibana container (v0.10.0) to connect to an AWS ES. The container starts up fine but I’m not able to login using the default admin/admin credentials.
Upon login, the exception below is observed:
Debug: internal, implementation, error
Error: Authorization Exception
at handler (/usr/share/kibana/plugins/opendistro_security/lib/auth/types/basicauth/routes.js:153:36)
{"type":"error","@timestamp":"2019-11-27T08:37:36Z","tags":[],"pid":1,"level":"error","error":{"message":"Authorization Exception","name":"Error","stack":"Error: Authorization Exception\n at handler (/usr/share/kibana/plugins/opendistro_security/lib/auth/types/basicauth/routes.js:153:36)"},"url":{"protocol":null,"slashes":null,"auth":null,"host":null,"port":null,"hostname":null,"hash":null,"search":null,"query":{},"pathname":"/api/v1/auth/login","path":"/api/v1/auth/login","href":"/api/v1/auth/login"},"message":"Authorization Exception"}
I’ve created the necessary YAML files outlined in https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/yaml/ and mounted it to /usr/share/kibana/plugins/opendistro_security/securityconfig.
My custom kibana.yml file content is as below:
server.host: "0"
elasticsearch.hosts: ["https://<aws es instance>:443"]
elasticsearch.ssl.verificationMode: "none"
opendistro_security.auth.type: "basicauth"
opendistro_security.basicauth.enabled: false
opendistro_security.multitenancy.enabled: true
opendistro_security.multitenancy.show_roles: true
opendistro_security.multitenancy.enable_filter: true
opendistro_security.multitenancy.tenants.enable_global: true
opendistro_security.multitenancy.tenants.enable_private: true
opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
opendistro_security.readonly_mode.roles: ["kibana_read_only"]
Can anyone advise if I’m missing something?
Thanks.