Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch 2.9.0
Describe the issue:
How to create a readonly user in opensearch similar to readonly user in elastic search? Which of the permissions needed for this readonly user?
Configuration:
Relevant Logs or Screenshots:
Hi @peaky
Have you tried the following example?
Yes i have tried that example and not viewing the dashboards. i have applied several permissions but still not displaying any dashboards
Hi @peaky!
Please try to add kibana_user and read_only_index roles for your user.
Hi @Eugene7
There is no such “read_only_index” role in the opensearch. The “kibana_user” role is not a readonly user. so we can’t use that. Please suggest a solution
Hi @peaky,
Please try the following steps:
indices:data/read/search permission for the read_only_index role.opensearch_dashboards_read_only role with the read permission for the .kibana* and .opensearch_dashboards* indexes.Hi @Eugene7
I have created the mentioned roles and mapped to the user. But still not viewing any of the dashboards
Attaching the screenshot of the dashboard after adding the roles.
Hi @Eugene7
I think the issue has been solved. It’s is due to one of the tenants that i missed to add in the readonly role.
Thanks for the help
Good Day !!
I have referred your above response but facing one issue when i add FLS it didn’t works for me but without adding FLS it works perfectly below are my details can you please assist me.
I have created another user logviewer with readonly permission but when i add FLS for one of the field “kubernetes.deployment.name” this is for testing purpose i am getting “500 internal server” but without adding FLS it worked perfectly.
User - logviewer
Role - finspuserrole
Cluster Permission - cluster_composite_ops
Index - log-finsp* , .kibana* , .opensearch_dashboards*
Index Permission - read
Include - kubernetes.deployment.name
Tenant - global_tenant
can you please help how can i resolve this issue , let me know if you need any additional details from my end.
