OpenSearch 2.11.0
Hi community. I would like to have possibility of allowing users to see only a tenant which they have access to.
For example a have users with a backend role user
, i create a role with cluster_composite_ops_ro
and cluster_monitor
cluster permissions and tenant global_tenant
and map user
as a backend role. Also I add backend role user
to kibana_read_only
.
When I login with my user I see:
- Welcome page
- Introducing new OpenSearch Dashboards look & feel
- Tenant selection page where I have only one Global_tenant availiable.
My goal is to be forwarded to dashboards page of a tenant that this user has access avoiding pop ups and tenant selection.
opensearch/config.yml
config:
dynamic:
# opensearch-dashboards:
kibana:
multitenancy_enabled: true
private_tenant_enabled: false
default_tenant: global_tenant
server_username: kibanaserver
index: '.kibana'
do_not_fail_on_forbidden: true
dashboard/opensearch_dashboards.yml
opensearch_security.multitenancy.enabled: true
#opendistro_security.multitenancy.tenants.enable_global: true
opensearch_security.multitenancy.tenants.enable_private: false
opensearch_security.multitenancy.tenants.preferred: ["Global"]
opensearch_security.readonly_mode.roles: [kibana_read_only]
In OpenDistro the users that have access only to a single tenant was forwarded directly to this tenant.
Did I miss something in configuration?