Opensearch readonly user creation

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch 2.9.0

Describe the issue:

How to create a readonly user in opensearch similar to readonly user in elastic search? Which of the permissions needed for this readonly user?

Configuration:

Relevant Logs or Screenshots:

Hi @peaky

Have you tried the following example?

Yes i have tried that example and not viewing the dashboards. i have applied several permissions but still not displaying any dashboards

Hi @peaky!

Please try to add kibana_user and read_only_index roles for your user.

Hi @Eugene7

There is no such “read_only_index” role in the opensearch. The “kibana_user” role is not a readonly user. so we can’t use that. Please suggest a solution

Hi @peaky,

Please try the following steps:

  1. Create the read_only_index role as described in the following documentation: Users and roles - OpenSearch documentation
  2. Add the indices:data/read/search permission for the read_only_index role.
  3. Create the opensearch_dashboards_read_only role with the read permission for the .kibana* and .opensearch_dashboards* indexes.

Hi @Eugene7

I have created the mentioned roles and mapped to the user. But still not viewing any of the dashboards

Attaching the screenshot of the dashboard after adding the roles.

Also the permissions that i given to the role

Hi @Eugene7

I think the issue has been solved. It’s is due to one of the tenants that i missed to add in the readonly role.

Thanks for the help