Skip to content

Unauthorized error when using API key for Kibana alerting #632

New issue
New issue
Closed
Closed
Unauthorized error when using API key for Kibana alerting#632
Labels
bugSomething isn't working
@dimuon

Description

@dimuon
dimuon
opened on May 15, 2024

Describe the bug

Kibana alerting client fails to authorize using api key with the error

***"statusCode":401,"error":"Unauthorized","message":"Unauthorized"***

Looks like the issue is introduced by the regenerating Kibana OpenAPI specs from https://raw.githubusercontent.com/elastic/kibana/8.7/x-pack/plugins/alerting/docs/openapi/bundled.json.

Also, looks like the acc tests don't use API key authoz for Kibana alerting.

To Reproduce
Steps to reproduce the behavior:

  1. Use Kibana alerting with API key authorization:
provider "elasticstack" {
  elasticsearch {}
  kibana {
    endpoints = ["http://localhost:5601"]
    api_key = "<REDACTED>"
  }
}

resource "elasticstack_kibana_alerting_rule" "example" {
  name        = "test-rule"
  consumer    = "alerts"
  notify_when = "onActiveAlert"
  params = jsonencode({
    timeSize = 5,
    timeUnit = "m",
    logView = {
      "type" = "log-view-reference",
      "logViewId" = "default"
    },
    count = {
      "value" = 3,
      "comparator" = "more than"
    },
    criteria = [
      {
	"field" = "response",
	"comparator" = "matches",
	"value" = "200"
      }
    ]
  })
  rule_type_id = "logs.alert.document.count"
  interval     = "1m"
  enabled      = true
}
  1. TF operations to execute to get the error: terraform plan,terraform apply
  2. See the error in the output:
Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: Unabled to get alerting rule
│
│   with elasticstack_kibana_alerting_rule.example,
│   on rule.tf line 26, in resource "elasticstack_kibana_alerting_rule" "example":
│   26: resource "elasticstack_kibana_alerting_rule" "example" {
│
│ Failed with: {"statusCode":401,"error":"Unauthorized","message":"Unauthorized"}

Expected behavior
The provider should display the valid plan.

Debug output

HTTP/1.1 401 Unauthorized
...
{
 "statusCode": 401,
 "error": "Unauthorized",
 "message": "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate with provided credentials and anonymous access is not allowed for this request]: unable to authenticate with provided credentials and anonymous access is not allowed for this request"
}

Versions (please complete the following information):

  • Terraform Version 1.8.2
  • Provider version main branch

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions