We recently upgraded from Open Distro 0.11 to 1.13 and now non-admin users are getting ‘Forbidden’ errors when attempting to access indices under Kibana Discover. The security audit log shows MISSING_PRIVILEGES, audit request indices:data/read/async_search/submit. I do not see this action under security permissions and unable to find a way to add this.
You can either add it through or yaml file YAML Files - Open Distro Documentation . IIRC you should also be able to create or modify an existing action group from security → Permissions. You should be able to create it even if the permission does not exist in the list. I would probably also open an issue in Issues · opensearch-project/OpenSearch-Dashboards · GitHub