Permission denied Error message is not displayed in Dashboard

Chandana_EP · May 3, 2023, 12:36am

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Opensearch v2.6.0

Describe the issue:
I have created a user with limited permissions to access some index patterns. After logging in with the above created user credentials, accessing index patterns to which it doesn’t have permission is giving ‘SEARCH ERROR’ instead of ‘PERMISSION ERROR’.

Relevant Logs or Screenshots:

{“log”:{“message”:“[security_exception]: no permissions for [indices:data/read/search] and User [name=chandana, backend_roles=[offline_access, ep-role, uma_authorization, kibanauser, default-roles-bssc], requestedTenant=null]”},“extension”:{“type”:“log”,“tags”:[“error”,“opensearch”,“data”],“pid”:146},“type”:“log”,“level”:“info”,“system”:“BSSC”,“systemid”:“3363716ae1c447e5b0ca626c6a0bf536”,“host”:“sa-bssc-dashboards-664f8c4db7-8gl79.sanjay”,“timezone”:“UTC”,“time”:“2023-04-26T16:40:26Z”}

Gsmitt · May 3, 2023, 3:54am

Hey @Chandana_EP

I had that happen to myself. What I did was using my “admin” account , I created a new role and a action/permission group that were needed. Mapped the user/s to the role and added the ActionGroup to that role under Cluster permissions. I have found this to be easiest way for myself specially when adding more users to the same tenant.

EDIT: I forgot to say, I noticed when i do not map the user, it seams to default to the role “own_index”.

Here is an example of someusers mapped with full access.