[FEATURE] Alerting plugin does not suppport tenancy

[eirsep]

I want to create monitors inside different tenants and one tenant user should not view another tenant alert monitors

Is your feature request related to a problem?
Describe the issue: We are trying to create the alert monitors in different tenants but however all the monitors are being visible in both the tenants and app teams are complaining about the RBAC in the alerting plugin.

Even after enabling the backend roles the rbac with alerting plugin is not working. Below is the settings that are enabled in the cluster.
settings_in_cluster:

{ “persistent”: { “cluster”: { “routing”: { “allocation”: { “cluster_concurrent_rebalance”: “50”, “node_concurrent_recoveries”: “50”, “enable”: “all”, “total_shards_per_node”: “5000” } }, “max_shards_per_node”: “5000” }, “indices”: { “breaker”: { “fielddata”: { “limit”: “60%” } }, “recovery”: { “max_bytes_per_sec”: “1024mb”, “max_concurrent_file_chunks”: “5”, “max_concurrent_operations”: “4” } }, “opensearch”: { “notifications”: { “general”: { “filter_by_backend_roles”: “true” } } }, “plugins”: { “index_state_management”: { “metadata_migration”: { “status”: “1” }, “template_migration”: { “control”: “-1” } }, “alerting”: { “filter_by_backend_roles”: “true” } } }, “transient”: { “cluster”: { “routing”: { “allocation”: { “disk”: { “watermark”: { “low”: “95%”, “flood_stage”: “95%”, “high”: “95%” } }, “enable”: “all”, “total_shards_per_node”: “5000” } }, “info”: { “update”: { “interval”: “1m” } }, “max_shards_per_node”: “5000” }, “plugins”: { “anomaly_detection”: { “filter_by_backend_roles”: “true” }, “alerting”: { “filter_by_backend_roles”: “true” } } } }
Roles&users:
Below are the configuration I have used for the tenants , Roles, Internal users.
For the internal users We have provided the pre-defined roles as alerting_full_access

What solution would you like?
I want to create monitors inside different tenants and one tenant user should not view another tenant alert monitors

What alternatives have you considered?
Even after creating via API's monitor got triggered but under the global tenant, not under specified tenant.

curl -k -u admin:admin -XPOST "https://127.0.0.1:9200/_plugins/_alerting/monitors" -H "Content-Type: application/json" -H "securitytenant: Tenant-1" -d '{

[eirsep]

this issue is copied over from opensearch-project/security-analytics#1300 as it was created in wrong repo.

[Sreekanth-hubs]

Could anyone please confirm If this multi tenancy is possible or not with the alerting plugin.

[Sreekanth-hubs]

https://forum.opensearch.org/t/alerting-backend-roles-not-working-even-after-enabling-the-backend-roles/21353

#119

multi tenancy is not possible with the alerting plugin.

[dblock]

[Catch All Triage - 1, 2, 3, 4]