RBAC permissions implications

I have a limited user account that has only permissions to install and sync packs. But there seems to maybe be some implications that are missing when you’re limiting a user role like this which is failing the install the pack(s)

name: pack_management
description: Allows a user to install, register, and modify packs only
       - "pack_list"
       - "pack_install"
       - "pack_uninstall"
       - "pack_create"
       - "pack_register"
       - "pack_config"
       - "pack_search"
       - "pack_views_index_health"
    resource_uid: "action:packs.install"
       - "action_execute"

But because there’s no execution_view permissions the pack install fails

st2@st2appl01 ~ $ st2 pack install ansible

For the "ansible" pack, the following content will be registered:

actions   |  8
rules     |  0
sensors   |  0
aliases   |  0
triggers  |  0

Installation may take a while for packs with many items.
ERROR: 403 Client Error: Forbidden
MESSAGE: User "<user>" doesn't have required permission "execution_view" on resource "execution:60d34c08d795d3d021105294" for url:

I’ve tried doing permissions like:

    resource_uid: "execution:"
       - "execution_view"

    resource_uid: "execution:*"
       - "execution_view"

But none of these are working. I dont know if there’s a specific uid to use for something like this or if I need to register this as a type of permission bug.

Did you try using the global permission execution_list, e.g.
- “execution_list”