Opensearch-security-analytics plugin, permissions missing

gvdb · December 20, 2023, 10:03am

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearch-security-analytics 2.9.0.0

Describe the issue:
Can’t give user permissions to add security analytics detectors.

If I try to add extra index & cluster permissions to the user role, cluster:admin/opensearch/securityanalytics don’t showup in dropdown.

Configuration:

Relevant Logs or Screenshots:
Failed to retrieve detectors:

[security_exception] no permissions for [cluster:admin/opensearch/securityanalytics/detector/search] and User [name=xxx, backend_roles=, requestedTenant=yyyy]

as admin:

Mantas · December 20, 2023, 1:06pm

Hi @gvdb,

You can grant permission to the Security Analytics / Detector via predefined roles:

security_analytics_read_access
security_analytics_full_access

by mapping users individually or backend roles.

Best,
Mantas

gvdb · December 20, 2023, 6:58pm

Thanks Mantas, but I don’t see the "cluster:admin/opensearch/securityanalytics/* " permissions when creating a role.

gr.

gvdb · January 12, 2024, 3:27pm

fixed:

backup config (securityadmin.sh)
append missing predefined roles to roles.yml
restore roles.yml

Topic		Replies	Views
Security analytics - not able create detector Security Analytics	3	230	July 10, 2024
Permissions required for user to see "Security" tab in OpenSearch Dashboards Security troubleshoot	6	1355	June 22, 2022
Missing roles/permissions after upgrade OpenSearch upgrade	1	575	December 4, 2022
Roles and permissions - view dashboards Security	8	440	June 4, 2024
Permission Issue Setting Up Dashboards Security	2	1060	December 23, 2021

Opensearch-security-analytics plugin, permissions missing

Related topics