Hi all,
I’m looking in my OpenSearch Dashboards logs and I keep see permission exceptions. They look like this:
{"type":"log","@timestamp":"2022-02-23T17:37:23Z","tags":["error","opensearch","data"],"pid":29794,"message":"[security_exception]: no permissions for [indices:data/read/get] and User [name=<redacted>, backend_roles=[<redacted>], requestedTenant=null]"}
As you can see from the above, it’s complaining that the user doesn’t have the permission indices:data/read/get
. I’ve talked to the users and it seems to happen when they view some of the dashboards. However, I’m only seeing these errors in the logs, and the users themselves aren’t reporting problems when viewing the dashboards.
These users are in their own tenant. Here is their security role:
"ir_user" : {
"reserved" : false,
"hidden" : false,
"cluster_permissions" : [
"cluster_monitor"
],
"index_permissions" : [
{
"index_patterns" : [
"sirt-*"
],
"fls" : [ ],
"masked_fields" : [ ],
"allowed_actions" : [
"read",
"indices:data/read/get"
]
}
],
"tenant_permissions" : [
{
"tenant_patterns" : [
"IR"
],
"allowed_actions" : [
"kibana_all_write"
]
}
],
"static" : false
As can be seen the role has an index permission for sirt-*
. The dashboards they are using typically involve the index pattern sirt-nw-meta-*
so I would think this should be ok, but I still get the errors. Is there a misconfiguration I have here?
One thing that is interesting to me is in the log entry seen above with the security exception, we see requestedTenant=null
, although I would expect this to have the tenant name, which is “IR”.
Any help would be appreciated. Thanks!