Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Opensearch 2.12
Describe the issue:
I try to write to a data stream using fluentd opensearch plugin. There i get the message:
no permissions for [indices:admin/data_stream/get] and User [name=logstash, backend_roles=[logstash]
Configuration:
roles_mapping.yml:
logstash_lrz:
reserved: false
users:
- "logstash"
roles.yml:
logstash_lrz:
reserved: true
cluster_permissions:
- "cluster_monitor"
- "cluster_composite_ops"
- "indices:admin/template/get"
- "indices:admin/template/put"
- "cluster:admin/ingest/pipeline/put"
- "cluster:admin/ingest/pipeline/get"
- "indices:admin/data_stream/get"
- "indices:admin/data_stream/create"
- "indices:admin/index_template/get"
- "indices:admin/resolve/index"
- "indices:admin/aliases/get"
- "indices:monitor/settings/get"
- "indices:monitor/stats"
- "indices:monitor/recovery"
- "indices:data/read/search"
index_permissions:
- index_patterns:
- "logstash-*"
- "kube-*"
- "logs-syslog*"
- "*beat*"
- "*fluentd*"
- "*pfelk*"
allowed_actions:
- "crud"
- "create_index"
Relevant Logs or Screenshots: