Description of problem: After successful deployment of EFK-Stack a user with cluster-admin rights is able to view all logs (including .operations logs). When a new user with limited priviledges is added to a newly created group that has been assigned a cluster-admin role, following exception/error is shown after log-in into Kibana: "Discover: [security_exception] no permissions for indices:data/read/msearch" Version-Release number of selected component (if applicable): OpenShift Master: v3.5.5.15 Kubernetes Master: v1.5.2+43a9be4 How reproducible: ansible masters -a "htpasswd -b /etc/origin/master/htpasswd admin1 admin1234" oadm groups new admin-group1 oadm groups add-users admin-group1 admin1 oadm policy add-cluster-role-to-group cluster-admin admin-group1 Steps to Reproduce: 1. Create a basic user 2. Create a group 3. Add the newly created user to the group from step 2 4. Grant cluster role "cluster-admin" to the group from step 2 5. Log in into OpenShift UI with the user from step 1 6. Go to "logging" project and click on the kibana route URL 7. Log in into Kibana with the user from step 1 Actual results: "Discover: [security_exception] no permissions for indices:data/read/msearch" Expected results: The permission to see all logs from elasticsearch thru Kibana (including .operations log) Additional info:
Looks like a dup of or related to https://bugzilla.redhat.com/show_bug.cgi?id=1397683
This is a duplicate of 1456413 which will be resolved in 3.5 when the PR lands since they both use same version of the PR. This issue is a result of there being no indexes that match the kibana pattern we seed. *** This bug has been marked as a duplicate of bug 1456413 ***