Index Level Permissions

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
2.17

Describe the issue:
I am not able to limit the indexes queried using index permissions.

I have several user roles that map to different index patterns (e.g., email-*) and these are mapped to backend IAM Roles. I may be misunderstanding how this works, but my hope was to perform a search on all indexes (using /_search) and let the role’s inherited index permissions limit the query. Instead I am getting the error down below. When I manually specify the index pattern for the user (/email-*/_search) in my function then everything works, but I want to avoid having to specify the search index.

Configuration:

# roles.yml
email-role:
  cluster_permissions: []
  index_permissions:
  - index_patterns:
    - "email-*"
    allowed_actions:
    - "read"
    - "search"
    - "indices:data/read/search"
  tenant_permissions: []

# roles_mapping.yml
email-role:
  backend_roles:
  - "arn:aws:iam::123:role/EmailRole"
  hosts: []
  users: []

Relevant Logs or Screenshots:
Error log:

no permissions for [indices:data/read/search] and User [name=arn:aws-:iam::123:role/EmailRole, backend_roles=[arn:aws:iam::123:role/EmailRole], requestedTenant=null]

@JohnHarris Have you tried using the do_not_fail_on_forbidden option?

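For readers landing here with the same 403, the setting the reply refers to lives in the security plugin's config.yml, not in roles.yml. The fragment below is an added example (it is not from the thread or from the OpenSearch project); it shows the default beside the changed value, together with the role and mapping from the question. The file paths and the hr-* index name are assumptions used only for illustration.

```yaml
# Added example, not from the original thread. Paths below are the usual
# location under the security plugin's securityconfig directory and are
# an assumption; adjust to your deployment.

# --- config.yml ---
_meta:
  type: "config"
  config_version: 2
config:
  dynamic:
    # Default (false): a request such as GET /_search resolves to every
    # index in the cluster; as soon as one of them (say, an assumed hr-*
    # index) is outside the user's index_permissions, the whole request
    # is rejected with 403 "no permissions for [indices:data/read/search]".
    # do_not_fail_on_forbidden: false
    #
    # With true, indices the user may not read are removed from the
    # request and only the permitted ones (email-* for this role) are
    # searched. The hits list never contains documents from dropped
    # indices, but the caller also gets no signal that anything was dropped.
    do_not_fail_on_forbidden: true
    # ... authc / authz sections unchanged ...

# --- roles.yml ---
email-role:
  reserved: false
  cluster_permissions: []
  index_permissions:
  - index_patterns:
    - "email-*"
    allowed_actions:
    # "read" already covers indices:data/read/search; the extra entries
    # from the question are harmless but redundant.
    - "read"
  tenant_permissions: []

# --- roles_mapping.yml ---
email-role:
  reserved: false
  backend_roles:
  - "arn:aws:iam::123:role/EmailRole"
  hosts: []
  users: []
```

Two caveats worth keeping in mind before flipping this. The flag is cluster-wide: it changes the behaviour of every role, not just email-role, so any consumer that today relies on a 403 to detect an over-broad query will stop seeing it. It also only narrows requests that still resolve to at least one permitted index; a request that matches nothing the user may read is still rejected. After loading the new config (with securityadmin.sh, or the securityconfig REST API where your deployment allows it), a quick check is a GET /_search issued with the EmailRole credentials: the _index field of every hit should match email-*, and the total should equal what /email-*/_search returns for the same query.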

Ah yes that’s what I was looking for. Thank you!
