Opensearch-security-analytics plugin, permissions missing

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch-security-analytics 2.9.0.0

Describe the issue:
Can’t give user permissions to add security analytics detectors.

If I try to add extra index & cluster permissions to the user role, cluster:admin/opensearch/securityanalytics don’t showup in dropdown.

Configuration:

Relevant Logs or Screenshots:
Failed to retrieve detectors:

[security_exception] no permissions for [cluster:admin/opensearch/securityanalytics/detector/search] and User [name=xxx, backend_roles=, requestedTenant=yyyy]

as admin:
image

Hi @gvdb,

You can grant permission to the Security Analytics / Detector via predefined roles:

  • security_analytics_read_access
  • security_analytics_full_access

by mapping users individually or backend roles.

Best,
Mantas

Thanks Mantas, but I don’t see the "cluster:admin/opensearch/securityanalytics/* " permissions when creating a role.

gr.

fixed:

  1. backup config (securityadmin.sh)
  2. append missing predefined roles to roles.yml
  3. restore roles.yml
1 Like