only19
February 29, 2024, 7:15pm
1
Versions (relevant - OpenSearch/Dashboard/Server OS/Browser): 12.2
Describe the issue :
I have OpenSearch version 12.2 installed, and I want to use the assistant feature. I already have my OpenAI model loaded, along with its respective connector and model group. I’ve also activated assistant.chat.enabled
as required by this guide (dashboards-assistant/GETTING_STARTED_GUIDE.md at main · opensearch-project/dashboards-assistant · GitHub ). The problem arises when I run this command:
PUT .plugins-ml-config/_doc/os_chat
{
"type":"os_chat_root_agent",
"configuration":{
"agent_id": "xhIx9o0BgH1_aAmC2aFz"
}
}
I get this error message:
{
“error”: {
“root_cause”: [
{
“type”: “security_exception”,
“reason”: “no permissions for and User [name=admin, backend_roles=[admin], requestedTenant=user ]”
}
],
“type”: “security_exception”,
“reason”: “no permissions for and User [name=admin, backend_roles=[admin], requestedTenant=user ]”
},
“status”: 403
}
When I check the service logs, it shows me this specifically:
[2024-02-29T18:58:43,294][WARN ][o.o.s.p.SecurityIndexAccessEvaluator] [qxopensearch0-node1] indices:data/write/index for ‘.plugins-ml-config’ index is not allowed for a regular user
I’ve tried everything; I’ve created all the roles and permissions, but I can’t seem to execute the command to activate the agent
Configuration :
Relevant Logs or Screenshots :
pablo
February 29, 2024, 9:00pm
2
@only19 Please try with admin certificate and curl.
i.e.
curl --insecure --cert config/kirk.pem --key config/kirk-key.pem -H "Content-Type: application/json" -XPUT https://localhost:9200/.plugins-ml-config/_doc/os_chat -d '
{
"type":"os_chat_root_agent",
"configuration":{
"agent_id": "your root agent id"
}
}
'
[opensearch@81f7a60a73c8 ~]$ curl --insecure --cert config/kirk.pem --key config/kirk-key.pem https://localhost:9200/.plugins-ml-config/_search?pretty {
"took" : 772,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 2,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
{
"_index" : ".plugins-ml-config",
"_id" : "master_key",
"_score" : 1.0,
"_source" : {
"master_key" : "J6HZA+eQd72/umG6IY/9L28X6oatsevTXirR/bOlNps=",
"create_time" : 1709239265690
}
},
{
"_index" : ".plugins-ml-config",
"_id" : "os_chat",
"_score" : 1.0,
"_source" : {
"type" : "os_chat_root_agent",
"configuration" : {
"agent_id" : "your root agent id"
}
}
}
]
}
}
only19
February 29, 2024, 10:37pm
3
Pablo, thank you very much for the help. I’ve really tried everything
Let me share the output of the first command with you.
[root@qxopensearch0 config]# curl --insecure --cert kirk.pem --key kirk-key.pem -H “Content-Type: application/json” -XPUT https://localhost:9200/.plugins-ml-config/_search?pretty -d ’
> > {
> > "type":"os_chat_root_agent",
> > "configuration":{
> > "agent_id": "xhIx9o0BgH1_aAmC2aFz"
> > }
> > }
> > '
{
"error" : "Incorrect HTTP method for uri [/.plugins-ml-config/_search?pretty] and method [PUT], allowed: [GET, POST]",
"status" : 405
}
I also tried with the POST method, but it throws a syntax error. Anyway, that method doesn’t work for registering the agent
only19
February 29, 2024, 10:38pm
4
Here is the output of the second command.
[root@qxopensearch0 config]# curl --insecure --cert kirk.pem --key kirk-key.pem https://localhost:9200/.plugins-ml-config/_search?pretty
{
"took" : 2,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 1,
"relation" : "eq"
},
"max_score" : 1.0,
"hits" : [
{
"_index" : ".plugins-Preformatted textml-config",
"_id" : "master_key",
"_score" : 1.0,
"_source" : {
"master_key" : "qvK3QM1S811MKGF+K6SeB2AqGJrFAMabbw95re+Tq3E=",
"create_time" : 1709061173749
}
}
]
}
}
pablo
February 29, 2024, 11:04pm
5
@only19 Sorry I’ve sent you incorrect URL.
Try with https://localhost:9200/.plugins-ml-config/_doc/os_chat
instead.
I’ve just updated my last post.
1 Like
Why should we do that? Is there any explanation? Even logged as ADMIN, going via UI inside the Dev Tools gives the same error.