Internal user needs cluster:monitor/main to only read an index

OpenSearch: 2.4.1

I have created an internal user, together with a role and mapping so the user has reading rights on one index. Unfortunately this user receives a 403 back and the logging shows the following message:

No cluster-level perm match for User [name=consumer_pace_wurperson, backend_roles=, requestedTenant=null] Resolved [aliases=[], allIndices=[], types=[], originalRequested=[], remoteIndices=] [Action [cluster:monitor/main]] [RolesChecked [consumer_pace_wurperson, own_index]]. No permissions for [cluster:monitor/main]

Does anybody have an idea why this user should have these cluster rights for only reading a single index?

Kind regards,

Describe the issue:


Relevant Logs or Screenshots:

@Ploef Could you share the curl command that produced the reported error?

@Ploef I think this permission follows the logic of the REST Client. The REST Client pings / endpoint before running the query.

@pablo, thanks. Perhaps not obvious but it makes sense.