[BUG] incorrect opensearch cluster:monitor/tasks/list permission instead of cluster:monitor/tasks/lists #3671
Labels
bug
Something isn't working
Comments
|
Hi @FelixFeliciant , the fix for this was released in 2.6 with the folllowing PR: opensearch-project/security-dashboards-plugin#1341 You can add |
|
Thanks @cwperks for the update. I'm closing for now but feel free to reopen @FelixFeliciant if you still have issues or questions about the fix in 2.6. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I stumbled upon an issue when I tried to add cluster permission in OpenSearch-dashboards 2.5 to a role with the following permission:
cluster:monitor/tasks/list
I then tried to query with a user that has that role
GET _cat/tasks in opensearch-dashboards dev tools and I got
security_exception
no permissions for [cluster:monitor/tasks/lists] and User [name=my_user, backend_roles=[my_role], requestedTenant=]"
403
in opensearch-dashboards -> Security -> Roles ->edit\create role -> Cluster Permissions
I cannot add cluster:monitor/tasks/lists it autocompletes to cluster:monitor/tasks/list
as this is the original permission from ElasticSearch:
References:
https://www.elastic.co/guide/en/elasticsearch/reference/8.6/cat-tasks.html#cat-tasks-api-examples
https://opensearch.org/docs/2.5/security/access-control/permissions/
is there a workaround?
Thank you
The text was updated successfully, but these errors were encountered: