Hello everyone,
Could you help me
I need my application to write to a specific index via anonymous.
How should I do it?
@yalkun, for your case you can enable anonymous access to the Elasticsearch and then provide required permission for it - Opendistro Elasticsearch Give admin level privilege to anonymous user.
i following this instruction, but i have error
ERR: Seems /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml is not in Open Distro Security 7 format: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field “cluster” (class com.amazon.opendistroforelasticsearch.security.securityconf.impl.v7.RoleV7), not marked as ignorable (7 known properties: “index_permissions”, “reserved”, “hidden”, “description”, “static”, “cluster_permissions”, “tenant_permissions”])
version of ES OSS 7.8.0, OpenDistro 1.9
something is wrong with your roles.yml
file
roles.yml is not in Open Distro Security 7 format
For testing purposes you can used the following configuration:
roles.yml
# Role for anonymous authentication
opendistro_security_anonymous:
cluster_permissions:
- "unlimited"
index_permissions:
- index_patterns:
- "*"
allowed_actions:
- "unlimited"
tenant_permissions:
- tenant_patterns:
- "Global"
allowed_actions:
- "kibana_all_write"
roles_mapping.yml
opendistro_security_anonymous:
backend_roles:
- "opendistro_security_anonymous_backendrole"
This will give anonymous user a full permission to the Elasticsearch. After the test, you can limit it as required.