Openmetadata - Permission preparation for Search

[minh-pelago]

Context

I tried to install Data Insight application but it failed all the times due to this error

[message]: Elasticsearch exception [type=index_not_found_exception, reason=no such index [openmetadata-di-data-assets-database]] 
[failedEntities]:

Later debugging shows this error

2025-11-12T11:12:39.961+07:00 es.org.elasticsearch.client.ResponseException: method [PUT], host ... , URI [/_component_template/openmetadata-di-data-assets-mapping], status line [HTTP/1.1 403 Forbidden] es.org.elasticsearch.client.ResponseException: method [PUT], host ... , URI [/_component_template/openmetadata-di-data-assets-mapping], status line [HTTP/1.1 403 Forbidden] 2025-11-12T11:12:39.961+07:00 { "error": { "root_cause": [ { "type": "security_exception", "reason": "action [cluster:admin/component_template/put] is unauthorized for user [openmetadata] with effective roles [data-openmetadata], this action is granted by the cluster privileges [manage_index_templates,manage,all]" } ], "type": "security_exception", "reason": "action [cluster:admin/component_template/put] is unauthorized for user [openmetadata] with effective roles [data-openmetadata], this action is granted by the cluster privileges [manage_index_templates,manage,all]" }, "status": 403

In short, it tried to create a template for several index in ES
There's a need for a definitive list of minimum necessary permissions for the OMD component to interact with Elasticsearch (ES), adhering to our principle of least privilege access.