Opensearch readonly user creation

peaky · September 19, 2023, 11:04am

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch 2.9.0

Describe the issue:

How to create a readonly user in opensearch similar to readonly user in elastic search? Which of the permissions needed for this readonly user?

Configuration:

Relevant Logs or Screenshots:

Eugene7 · September 19, 2023, 12:38pm

Hi @peaky

Have you tried the following example?

peaky · September 19, 2023, 2:20pm

Yes i have tried that example and not viewing the dashboards. i have applied several permissions but still not displaying any dashboards

Eugene7 · September 21, 2023, 2:51pm

Hi @peaky!

Please try to add kibana_user and read_only_index roles for your user.

peaky · September 28, 2023, 6:32pm

Hi @Eugene7

There is no such “read_only_index” role in the opensearch. The “kibana_user” role is not a readonly user. so we can’t use that. Please suggest a solution

Eugene7 · September 29, 2023, 3:51pm

Hi @peaky,

Please try the following steps:

Create the read_only_index role as described in the following documentation: Users and roles - OpenSearch documentation
Add the indices:data/read/search permission for the read_only_index role.
Create the opensearch_dashboards_read_only role with the read permission for the .kibana* and .opensearch_dashboards* indexes.