Alternative Admin Role not mapping as expected

create a custom admin role just for the sake of the name.

I want my role to give admin access including access too OpenDistro tools.

My understanding is that I have a RoleMapping called “admin” that gives role access to “all_access” role.

When I do the following, neither seem to be happening:

logging_access_admin:
  reserved: false
  backend_roles:
  - "admin"
  - "logging_access_admin"
  - "all_access"

Anyone know what I am doing wrong.

My only idea is, that there are other options to use instead of backend_role, and that could link by roleMapping to the correct permissions. But so far, the documentation lacks to show the dynamic of this config. If anyone can help, I would be grateful.

Basically what I want is, logging_access_admin to have the same permissions as the hidden roleMapping called “admin”.

@shinerrs What version of odfe are you using?
Assuming the rest of roles/role_mappings haven’t been changed, than the only entry needed is below in internal_users.yml

logging_access_admin:
    reserved: false
    backend_roles:
       - "admin"

backend role “admin” will be mapped to role “all_access” via role_mappings.yml.

Make sure to run securityadmin.sh to upload new confirm after adding above lines, as below:

./usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ -icl -nhnv -cacert /usr/share/elasticsearch/config/root-ca.pem -cert /usr/share/elasticsearch/config/kirk.pem -key /usr/share/elasticsearch/config/kirk-key.pem -h localhost