Describe the issue:
I set up multi-tenancy on opensearch dashboards and created a read-only tenant.
Since then, I have been continuously encountering the following error, and I don’t know why.
Please help.
Failed to resolve if it’s a readonly tenant: Error: Not Found
Relevant Logs or Screenshots:
Dec 13 12: 17: 05 opensearch-dashboards[
2272623
]: {
“type”: “log”,
“@timestamp”: “2024-12-13T03:17:05Z”,
“tags”: [
“error”,
“plugins”,
“securityDashboards”
],
“pid”: 2272623,
“message”: “Failed to resolve if it’s a readonly tenant: Error: Not Found\n
at SecurityClient.dashboardsinfo (/usr/share/opensearch-dashboards-2.18.0/plugins/securityDashboards/server/backend/opensearch_security_client.ts: 130: 13)\n
at processTicksAndRejections (node:internal/process/task_queues: 95: 5)\n
at ReadonlyService.isReadonly (/usr/share/opensearch-dashboards-2.18.0/plugins/securityDashboards/server/readonly/readonly_service.ts: 101: 30)\n
at ReadonlyService.hideForReadonly (/usr/share/opensearch-dashboards-2.18.0/src/core/server/security/readonly_service.js: 18: 13)\n
at /usr/share/opensearch-dashboards-2.18.0/src/plugins/data/server/index_patterns/index_patterns_service.js: 49: 14\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 52: 21\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/resolve_capabilities.js: 51: 26\n
at /usr/share/opensearch-dashboards-2.18.0/src/core/server/capabilities/routes/resolve_capabilities.js: 53: 26\n
at Router.handle (/usr/share/opensearch-dashboards-2.18.0/src/core/server/http/router/router.js: 174: 44)\n
at handler (/usr/share/opensearch-dashboards-2.18.0/src/core/server/http/router/router.js: 140: 50)\n
at exports.Manager.execute (/usr/share/opensearch-dashboards-2.18.0/node_modules/@hapi/hapi/lib/toolkit.js: 60: 28)\n
at Object.internals.handler (/usr/share/opensearch-dashboards-2.18.0/node_modules/@hapi/hapi/lib/handler.js: 46: 20)\n
at exports.execute (/usr/share/opensearch-dashboards-2.18.0/node_modules/@hapi/hapi/lib/handler.js: 31: 20)\n
at Request._lifecycle (/usr/share/opensearch-dashboards-2.18.0/node_modules/@hapi/hapi/lib/request.js: 371: 32)\n
at Request._execute (/usr/share/opensearch-dashboards-2.18.0/node_modules/@hapi/hapi/lib/request.js: 281: 9)”
}
Yes, this is a duplicate of the previous issue and I will close it and continue the conversation here. It’s a very difficult problem, and I would appreciate your help.
@pizzaman I understand the reported user belongs to an external IDP. You’ve mapped the backend role OPENSEARCH_ADMIN to the all_access role.
Do you have an issue with this user? The all_access role will have read/write access to all tenants.
The read/write permission is set for the role, not the tenant.