danielmitterdorfer
commented
11 months ago Can you please run curl -u $K6_ES_USER:$K6_ES_PASSWORD "https://$ES_HOST:$ES_PORT/" against your ES cluster and paste the result here?
Closed rooch84 closed 9 months ago
danielmitterdorfer
commented
11 months ago Can you please run curl -u $K6_ES_USER:$K6_ES_PASSWORD "https://$ES_HOST:$ES_PORT/" against your ES cluster and paste the result here?
rooch84
commented
11 months ago {"error":{"root_cause":[{"type":"security_exception","reason":"action [cluster:monitor/main] is unauthorized for user [$K6_ES_USER] with effective roles [$K6_ES_ROLES], this action is granted by the cluster privileges [monitor,manage,all]"}],"type":"security_exception","reason":"action [cluster:monitor/main] is unauthorized for user [$K6_ES_USER] with effective roles [$K6_ES_ROLES], this action is granted by the cluster privileges [monitor,manage,all]"},"status":403}
danielmitterdorfer
commented
11 months ago Thanks, that's helpful. In 0.2.0 we've added an additional check at the beginning to call the main action (i.e. GET /) to check whether we can successfully connect to the cluster and whether it is properly authenticated (see #13). However, that call requires the monitor privilege and your k6 Elasticsearch user lacks that.
The workaround is to add the monitor cluster privilege for that user for now or use 0.1.0. For the next release I'll think of a way to do that check without requiring additional privileges.
With the latest changes, it is not possible for us to connect to our AWS Elastic cluster, either with the URL or Cloud ID. A 403 error is reported:
time="2023-11-24T17:00:49Z" level=error msg="could not create the 'output-elasticsearch' output: cannot connect to Elasticsearch (status code 403)"It still works with a local instance, and it works if I use the 0.1.0 tag when building with xk6.