Roles.yml is not in Open Distro Security 7 format

Hi,

Elasticsearch version : 7.10.2
number of master nodes : 3
data nodes : 1

I’m getting following error when I try enable security tools in opendistro security in elasticsearch,

command : bash /usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -nhnv -nrhn -icl -cacert /etc/elasticsearch/certs/MyRootCA.pem -cert /etc/elasticsearch/certs/admin.pem -key /etc/elasticsearch/certs/admin.key -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig
Error :

ERR: Seems /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml is not in Open Distro Security 7 format: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field “cluster” (class com.amazon.opendistroforelasticsearch.security.securityconf.impl.v7.RoleV7), not marked as ignorable (7 known properties: “index_permissions”, “reserved”, “hidden”, “description”, “static”, “cluster_permissions”, “tenant_permissions”])
at [Source: (String)“{”_meta":{“type”:“roles”,“config_version”:2},“kibana_read_only”:{“reserved”:true},“security_rest_api_access”:{“reserved”:true},“alerting_read_access”:{“reserved”:true,“cluster_permissions”:[“cluster:admin/opendistro/alerting/alerts/get”,“cluster:admin/opendistro/alerting/destination/get”,“cluster:admin/opendistro/alerting/monitor/get”,“cluster:admin/opendistro/alerting/monitor/search”]},“alerting_ack_alerts”:{“reserved”:true,“cluster_permissions”:[“cluster:admin/opendistro/alerting/alerts/*”]},“”[truncated 2851 chars]; line: 1, column: 3181] (through reference chain: com.amazon.opendistroforelasticsearch.security.securityconf.impl.SecurityDynamicConfiguration[“opendistro_security_logstash”]->com.amazon.opendistroforelasticsearch.security.securityconf.impl.v7.RoleV7[“cluster”])

full output :

Clustername: sls-elk
Clusterstate: GREEN
Number of nodes: 4
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/
Will update ‘_doc/config’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/config.yml
SUCC: Configuration for ‘config’ created or updated
ERR: Seems /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml is not in Open Distro Security 7 format: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field “cluster” (class com.amazon.opendistroforelasticsearch.security.securityconf.impl.v7.RoleV7), not marked as ignorable (7 known properties: “index_permissions”, “reserved”, “hidden”, “description”, “static”, “cluster_permissions”, “tenant_permissions”])
at [Source: (String)“{”_meta":{“type”:“roles”,“config_version”:2},“kibana_read_only”:{“reserved”:true},“security_rest_api_access”:{“reserved”:true},“alerting_read_access”:{“reserved”:true,“cluster_permissions”:[“cluster:admin/opendistro/alerting/alerts/get”,“cluster:admin/opendistro/alerting/destination/get”,“cluster:admin/opendistro/alerting/monitor/get”,“cluster:admin/opendistro/alerting/monitor/search”]},“alerting_ack_alerts”:{“reserved”:true,“cluster_permissions”:[“cluster:admin/opendistro/alerting/alerts/*”]},“”[truncated 2851 chars]; line: 1, column: 3181] (through reference chain: com.amazon.opendistroforelasticsearch.security.securityconf.impl.SecurityDynamicConfiguration[“opendistro_security_logstash”]->com.amazon.opendistroforelasticsearch.security.securityconf.impl.v7.RoleV7[“cluster”])
Will update ‘_doc/rolesmapping’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles_mapping.yml
SUCC: Configuration for ‘rolesmapping’ created or updated
Will update ‘_doc/internalusers’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
SUCC: Configuration for ‘internalusers’ created or updated
Will update ‘_doc/actiongroups’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/action_groups.yml
SUCC: Configuration for ‘actiongroups’ created or updated
Will update ‘_doc/tenants’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/tenants.yml
SUCC: Configuration for ‘tenants’ created or updated
Will update ‘_doc/nodesdn’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/nodes_dn.yml
SUCC: Configuration for ‘nodesdn’ created or updated
Will update ‘_doc/whitelist’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/whitelist.yml
SUCC: Configuration for ‘whitelist’ created or updated
Will update ‘_doc/audit’ with /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/audit.yml
SUCC: Configuration for ‘audit’ created or updated
ERR: cannot upload configuration, see errors above

could anyone guide me to resolve this issue ?

Thanks in advance.