search

opensearch-project / terraform-provider-opensearch

https://registry.terraform.io/providers/opensearch-project/opensearch
Apache License 2.0
75 stars 58 forks source link

[BUG] tenant allowed_actions not working on opensearch_role #38

Closed pawelwasowski closed 9 months ago

pawelwasowski commented 1 year ago

What is the bug?

I want to create role with read access to all tenants.

resource "opensearch_role" "global_read_only" {
  role_name           = "global_read_only"
  description         = "Read only access to global tenants and indexes"
  cluster_permissions = ["read", "get", "search"]
  index_permissions {
    index_patterns  = ["*"]
    allowed_actions = ["read", "get", "opensearch_dashboards_all_read", "search"]
  }
  tenant_permissions {
    tenant_patterns = ["*"]
    allowed_actions = ["read"]
  }
}

After terraform apply I can see that read/write permission property is empty in OpenSearch console.

I am using AWS OpenSearch v 1.3.

rishabh6788 commented 1 year ago

@phillbaker could you please advise? CC: @prudhvigodithi

jmurillo9 commented 11 months ago

@pawelwasowski & @rishabh6788 - I ran into a similar issue before. I'm using OpenSearch 2.9. You need to do allowed_actions = ["kibana_all_write"].

This will apply Read and Write as seen within the UI.

Hope this helps!.

pawelwasowski commented 9 months ago

thans @jmurillo9 it works!