
Add indices:admin/mappings/get to ml_full_access role for Agentic Search#6076

Draft
owaiskazi19 wants to merge 3 commits into opensearch-project:main from owaiskazi19:fix/ml-full-access-mappings-get

Conversation

@owaiskazi19
Member

Description

Adds indices:admin/mappings/get to the ml_full_access role to support Agentic Search (QueryPlanningTool). QPT needs to retrieve index mappings to generate accurate OpenSearch DSL queries from natural language input.

Dependency

This PR depends on opensearch-project/ml-commons#4785, which changes QueryPlanningTool to use GetMappingsRequest instead of GetIndexRequest. Without that ml-commons change, QPT would require the broader indices:admin/get permission. With it, only indices:admin/mappings/get is needed.

Security implications

This permission does not expose system index mappings. System indices are protected by multiple layers:

  1. System index permission layer — When plugins.security.system_indices.permissions.enabled is true (default), accessing system indices requires the system:admin/system_index permission, which ml_full_access does not have.
  2. Security config index protection — The .opendistro_security index has additional hardcoded protection that filters it from wildcard requests when plugins.security.filter_securityindex_from_all_requests is enabled.
  3. Scoped access — QPT calls getMappings with a specific user-provided index name, not *.

This is a read-only metadata permission — it only exposes field names and types, not document data.

Consistent with existing roles

indices:admin/mappings/get is already used by knn_full_access, query_assistant_access, and reports_read_access with the same index_patterns: ['*'] scope.

Related Issue

opensearch-project/ml-commons#4775

Check List

  • New functionality includes testing
    • N/A (config-only change to a predefined role)
  • New functionality has been documented
    • N/A
  • Commits are signed off as per the DCO using --signoff

@cwperks
Member

cwperks commented Apr 7, 2026

TY @owaiskazi19. The changes LGTM, but the build on main is broken atm due to the Jackson 3.x upgrade in core. I will have a PR raised momentarily for that.

@cwperks
Member

cwperks commented Apr 7, 2026

@owaiskazi19 it may be good to take this opportunity to extract the ml roles from this repo and provide them as classpath resources from within the ml repo instead. See #6038

- index_patterns:
    - '*'
  allowed_actions:
    - 'indices:admin/mappings/get'
Contributor

We also need indices:data/read/search* because agentic search also samples documents from the index; should we add that too?

Member Author

Good call. QPT's async chain has two steps: (1) getMappings for index structure, and (2) a search to sample a document. indices:data/read/search* would be needed for it.

QueryPlanningTool samples documents from the target index using a
matchAllQuery search. This requires indices:data/read/search* permission
which is consistent with other full_access roles (anomaly_full_access,
ppl_full_access, asynchronous_search_full_access, forecast_full_access).

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>
@owaiskazi19 force-pushed the fix/ml-full-access-mappings-get branch from 4eae239 to 75b48d7 on April 10, 2026 at 18:22.
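The following Python is an added example, not code from this PR, the security plugin or ml-commons. It models, in simplified form, the permission evaluation described in the Security implications section of the PR description and in the later exchange about document sampling: a role with index_patterns ['*'] is evaluated for the two requests the QueryPlanningTool issues against one user-supplied index (a get-mappings call, then a match_all search), with the system-index gate applied first. The role dicts are a constructed approximation of the ml_full_access entry before and after the change, the SYSTEM_INDICES list is a hypothetical stand-in for plugins.security.system_indices.indices, and the glob/regex matcher is a simplified substitute for the plugin's own pattern matching rather than its implementation.

```python
"""Added example, not code from this PR, the security plugin or ml-commons.

Models, in simplified form, how a role like ml_full_access is evaluated for
the two requests QueryPlanningTool (QPT) issues against a user-supplied index:
a get-mappings call and a match_all search. The role dicts, the system-index
list and the index names below are constructed for illustration."""
import fnmatch
import re

# Constructed approximation of the ml_full_access index_permissions after this
# PR and the follow-up commit: wildcard index pattern, mapping read and the
# search action pattern. Not copied from roles.yml.
ML_FULL_ACCESS = {
    "index_permissions": [
        {
            "index_patterns": ["*"],
            "allowed_actions": [
                "indices:admin/mappings/get",
                "indices:data/read/search*",
            ],
        }
    ]
}

# The same role before the mapping permission was added, for comparison.
ML_FULL_ACCESS_BEFORE = {
    "index_permissions": [
        {"index_patterns": ["*"], "allowed_actions": ["indices:data/read/search*"]}
    ]
}

# Hypothetical stand-in for plugins.security.system_indices.indices.
SYSTEM_INDICES = [".opendistro_security", ".plugins-ml-*"]
SYSTEM_INDEX_ACTION = "system:admin/system_index"

# The two actions QPT issues, in order: mapping read, then the sample search.
QPT_ACTIONS = ("indices:admin/mappings/get", "indices:data/read/search")


def matches(pattern: str, value: str) -> bool:
    """Glob match for '*' and '?', with '/.../' treated as a regex, mirroring
    the two pattern forms accepted in roles.yml (simplified stand-in for the
    plugin's matcher, not its implementation)."""
    if len(pattern) > 1 and pattern.startswith("/") and pattern.endswith("/"):
        return re.fullmatch(pattern[1:-1], value) is not None
    return fnmatch.fnmatchcase(value, pattern)


def role_allows(role: dict, index: str, action: str) -> bool:
    """True if any index_permissions entry matches both the index and action."""
    for perm in role["index_permissions"]:
        if any(matches(p, index) for p in perm["index_patterns"]) and any(
            matches(a, action) for a in perm["allowed_actions"]
        ):
            return True
    return False


def is_system_index(index: str) -> bool:
    return any(matches(p, index) for p in SYSTEM_INDICES)


def evaluate(role: dict, index: str, action: str,
             system_index_permissions_enabled: bool = True) -> tuple[bool, str]:
    """Plugin-side decision for one concrete index and action.

    Layer 1 from the PR description: with system-index permissions enabled, a
    system index additionally requires system:admin/system_index, which the
    constructed ml_full_access role does not grant. Layer 2 (filtering
    .opendistro_security from wildcard requests) is folded in here by listing
    that index as a system index."""
    if system_index_permissions_enabled and is_system_index(index):
        if not role_allows(role, index, SYSTEM_INDEX_ACTION):
            return False, f"{index} is a system index; {SYSTEM_INDEX_ACTION} required"
    if role_allows(role, index, action):
        return True, "allowed by index_permissions"
    return False, f"no allowed_actions entry matches {action}"


def qpt_checks(role: dict, index: str) -> list[tuple[str, bool, str]]:
    """Layer 3: QPT passes a concrete index name. This tool-side model refuses
    patterns outright, then evaluates the mapping read and the sample search."""
    if any(c in index for c in "*?,"):
        return [(a, False, "QPT requires a concrete index name") for a in QPT_ACTIONS]
    return [(a, *evaluate(role, index, a)) for a in QPT_ACTIONS]


if __name__ == "__main__":
    for idx in ("products", ".opendistro_security", ".plugins-ml-model", "*"):
        for action, ok, why in qpt_checks(ML_FULL_ACCESS, idx):
            print(f"{idx:22} {action:28} {'ALLOW' if ok else 'DENY':5} {why}")
```

Running the block shows both QPT actions allowed on a plain index, both denied on the two system indices because the role lacks system:admin/system_index, and both refused when a pattern rather than a concrete name is supplied. Flipping system_index_permissions_enabled to False in a call to evaluate() shows why that setting matters: the wildcard index_patterns then reach the system index directly.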