Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Opensearch/Dashboards 2.7.0
Deploy on K8s version 1.24.2
Describe the issue:
I have created a role that gets mapped to a backend_role through keycloak, the roles should give read and write privileges to specific index.
However, the role is not working right when I put specific index patterns the user gets a blank page in the discovery pages. It doesn’t show any other error not even in the logs.
If I give the user access to all the index but using the while *
, everything works the discovery page works fine.
Configuration:
This configurations does not work:
{
"test-role": {
"reserved": false,
"hidden": false,
"cluster_permissions": [
"cluster_composite_ops",
"indices_monitor",
"cluster_manage_index_templates"
],
"index_permissions": [{
"index_patterns": [
"logs*"
],
"dls": "",
"fls": [],
"masked_fields": [],
"allowed_actions": [
"read",
"indices_monitor",
"create_index",
"index",
"manage",
"write",
"search"
]
}],
"tenant_permissions": [{
"tenant_patterns": [
"global_tenant"
],
"allowed_actions": [
"kibana_all_read"
]
}],
"static": false
}
}
Working configuration
{
"test-role": {
"reserved": false,
"hidden": false,
"cluster_permissions": [
"cluster_composite_ops",
"indices_monitor",
"cluster_manage_index_templates"
],
"index_permissions": [{
"index_patterns": [
"*"
],
"dls": "",
"fls": [],
"masked_fields": [],
"allowed_actions": [
"read",
"indices_monitor",
"create_index",
"index",
"manage",
"write",
"search"
]
}],
"tenant_permissions": [{
"tenant_patterns": [
"global_tenant"
],
"allowed_actions": [
"kibana_all_read"
]
}],
"static": false
}
}