I am running ElasticSearch on AWS v 6.8 with SAML authentication and fine-grained access control. I restored .alerting indexes from another cluster and as an admin user, (access_all) I can see all the monitors. To allow other users to see all the alerts and monitors, I have create a role with all cluster:admin/opendistro/alerting/* permission. I also provided access to the .open_distro index.
The problem is, when user connect to Kibana and select alerting, he see all the alerts but not monitors.
If he issues request to _opendistro/_alerting/monitors/ he see 404 response code. As an admin, I see the monitor correctly with this API.
How can I give a user access to see and modify the monitors or it’s not supported in 6.8?
Here is my roles for the user:
"alerting_full_access" : {
"cluster" : [
"CLUSTER_MONITOR",
"cluster:admin/opendistro/alerting/*"
],
"tenants" : {
"Global" : "RW"
},
"indices" : {
"*" : {
"*" : [
"INDICES_MONITOR",
"indices:admin/aliases/get",
"indices:admin/mappings/get"
]
},
"?opendistro-alerting-alert*" : {
"*" : [
"CRUD"
]
},
"?opendistro-alerting-config" : {
"*" : [
"CRUD"
]
}
}
}
I mapped the user to that role.