Opensearch-security-analytics plugin, permissions missing

gvdb · December 20, 2023, 10:03am

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch-security-analytics 2.9.0.0

Describe the issue:
Can’t give user permissions to add security analytics detectors.

If I try to add extra index & cluster permissions to the user role, cluster:admin/opensearch/securityanalytics don’t showup in dropdown.

Configuration:

Relevant Logs or Screenshots:
Failed to retrieve detectors:

[security_exception] no permissions for [cluster:admin/opensearch/securityanalytics/detector/search] and User [name=xxx, backend_roles=, requestedTenant=yyyy]

as admin:

Mantas · December 20, 2023, 1:06pm

Hi @gvdb,

You can grant permission to the Security Analytics / Detector via predefined roles:

security_analytics_read_access
security_analytics_full_access

by mapping users individually or backend roles.

Best,
Mantas

gvdb · December 20, 2023, 6:58pm

Thanks Mantas, but I don’t see the "cluster:admin/opensearch/securityanalytics/* " permissions when creating a role.

gr.

gvdb · January 12, 2024, 3:27pm

fixed:

backup config (securityadmin.sh)
append missing predefined roles to roles.yml
restore roles.yml

Topic		Replies	Views
Permissions required for user to see "Security" tab in OpenSearch Dashboards Security troubleshoot	6	1011	June 22, 2022
Missing roles/permissions after upgrade OpenSearch upgrade	1	413	December 4, 2022
Permission Issue Setting Up Dashboards Security	2	842	December 23, 2021
Creating custom roles in the Opensearch Dashboard Security Security	1	143	January 12, 2024
Permissions weird Security	10	481	October 9, 2023

Opensearch-security-analytics plugin, permissions missing

Related Topics