I eneded up with this role and it works fine for me...
The trick was to give admin_all_objects

authorize.conf

[role_splunk_operations]
admin_all_objects = enabled
cumulativeRTSrchJobsQuota = 0
cumulativeSrchJobsQuota = 0
edit_server = enabled
get_diag = enabled
importRoles = power
restart_splunkd = enabled
run_debug_commands = enabled
schedule_rtsearch = disabled
srchFilter = index="_*"
srchIndexesAllowed = _*
srchIndexesDefault = _*
srchMaxTime = 0