"no permissions" exception for admin user

We are running, 2.6.0 Opensearch standalone node, because we were missing index template for “.opendistro*” prefixed indices they got created with replicas (but we have 1 node setup), later on we created a simple script to set their replicas setting as 0 and created a default template for all indices. But We have following issue handful of .opendistro* prefixed indices can’t be updated/deleted by even admin user, when we try it returns below exception

[security_exception] no permissions for [] and User [name=admin, backend_roles=[admin], requestedTenant=customtenant]

why? expected? should not admin user has all the priviledges?

@bakili The .opendistro* pattern matches the .opendistro_security index. This index can be managed only with an admin certificate defined in plugins.security.authcz.admin_dn: in opensearch.yml

1 Like

you mean, it has to be done from curl with certificate as authenticator? any guides online?

@bakili Correct. curl with admin certificate. There is no clear information in the documentation about the .opensearch_security index.

However, you can find brief information in the restore snapshot description.