Can't give access to specific indices to a user

Hi. I’m using AWS Opensearch and currently I’m trying to create a user that can can access only specific indices from the Opensearch Dashboard.

I created my custom role by duplicating the default all_access role then mapped it to my custom_user.
Sure enough my custom_user can list all indices.
Now I want to give access to only specific indices, for example only indices that start with “logstash”.
So I put “logstash*” then saved the role.

However now I can’t list the indices, it says

no permissions for [indices:monitor/settings/get] and User [name=custom_user, backend_roles=[], requestedTenant=Example]

Ok, so I added indices:monitor/settings/get index permission, but the same error message still appears.
If I don’t specify the index name and just put “*” I can list all the indices and no error appears.
But I want to limit the user to specific indices and I have no idea how to do it.

Here’s how my role configuration looks like.

Any help is very much appreciated. Thank you.

@wshin93
Can you please confirm how you are trying to list the index? Is it using dev tools (what command are you running), is it using Discover (is the index pattern created in the “Example” tenant?)
Also, can you make sure the value for do_not_fail_on_forbidden is set to true in config.yml:

config:
  dynamic:
    do_not_fail_on_forbidden: true