Using the OpenSearch Custom Role
Adding a user to a team that has the OpenSearch Custom Role selected, gives you the flexibility to decide very granular permissions directly using the OpenSearch Security roles.
Tip: You can manage Kibana Custom Roles directly from the Logit.io Teams Dashboard and only need to manage roles using OpenSearch Security Roles directly if you have a specific granular use case.
Managing Security Roles directly in OpenSearch
Launch OpenSearch Dashboards and from the left menu choose Security > Roles and choose the required Role for example stack_user_ro. Choose the Mapped Users tab and Manage Mapping.
Paste the Logit.io User Id into the Users input box. You can find the Logit.io User Id by choosing profile in the left menu of the platform dashboard.
Choose Map to add the user to the Kibana Role. You can add multiple users at the same time using this method.
Viewing which Roles a User currently has assigned
In OpenSearch from the left menu choose Security > Roles. Choose from the Internal Users dropdown the required users Logit.io Id.
The Roles that the selected user(s) are mapped to are then displayed in the list.
Adding a new OpenSearch Role
If you need to create a new role to save time you can duplicate an existing role, for example, the stack_user role and choose Actions > Duplicate. This allows you to then edit the duplicated role and just modify index and tenant permissions where needed.
Tip: In most cases, any new roles will need to have read access to the following indexes to allow the OpenSearch Discover view to work as expected .kibana .kibana-6 .kibana_*
Removing a User from a specific OpenSearch Role
To remove a user's Logit.io Id from OpenSearch Security choose the required Role and select the Mapped Users tab. Select the user that you need to remove and choose Delete Mapping. The User no longer has permission to access the selected Role.
Learn about managing OpenSearch security roles
Learn how to give users or team access only to a specific index in OpenSearch
Learn about managing workspaces using OpenSearch Multi-Tenancy
Learn how to manage teams and user permissions with Role-Based Access (RBAC)
Learn how to invite and add users to teams