Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
2.18.0
Describe the issue:
I enabled the multi-tenant in OS-dashboard, and use the built in “kibanaserver” user in the configuration of opensearch-dashboard.yml to connect to the backend.
I observe some warnings in the os-dashboard log, they seems relate to kibanaserver user permission issue.
{“type”:“log”,“@timestamp”:“2024-12-23T07:29:42Z”,“tags”:[“error”,“plugins”,“securityDashboards”],“pid”:1,“message”:“StatusCodeError: Authorization Exception\n at respond (/usr/share/opensearch-dashboards/node_modules/elasticsearch/src/lib/transport.js:349:15)\n at checkRespForFailure (/usr/share/opensearch-dashboards/node_modules/elasticsearch/src/lib/transport.js:306:7)\n at HttpConnector. (/usr/share/opensearch-dashboards/node_modules/elasticsearch/src/lib/connectors/http.js:173:7)\n at IncomingMessage.wrapper (/usr/share/opensearch-dashboards/node_modules/lodash/lodash.js:4991:19)\n at IncomingMessage.emit (node:events:529:35)\n at IncomingMessage.emit (node:domain:489:12)\n at endReadableNT (node:internal/streams/readable:1400:12)\n at processTicksAndRejections (node:internal/process/task_queues:82:21) {\n status: 403,\n displayName: ‘AuthorizationException’,\n path: ‘/_plugins/_security/tenantinfo’,\n query: {},\n body: undefined,\n statusCode: 403,\n response: ‘’,\n toString: [Function (anonymous)],\n toJSON: [Function (anonymous)]\n}”}
i don’t know what permission I shall assign to the kibanaserver user to meet the auth requirement.
by the way, the os-dashboard log also shows many “[agentkeepalive:deprecated] options.freeSocketKeepAliveTimeout is deprecated, please use options.freeSocketTimeout instead” warning.
This is a config issue or it is something need to be update i os-dashboard code?
Configuration:
Relevant Logs or Screenshots: