Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch and Dashboards - 2.11.0
Describe the issue:
It would be nice to have some kind of universal predefined role for log processors such as fluentbit. Especially if you want to make your installation safe and secured. For most deployments default “all_access” role is enough. But in case of possible security audit procedure permissions for every subsystem should be defined explicitly.
Configuration:
I suppose this set of action groups may be fine but grants redundant privileges:
- index
- create_index
- cluster_composite_ops
Also I’ve tried to google relevant information in context of fluentbit, opensearch and even elasticsearch. But there is nothing helpful.
Any suggestions are welcome!