opensearch-docs-cn/_security/configuration/system-indices.md

---
layout: default
title: System indexes
parent: Configuration
nav_order: 4
---

# System indexes

By default, OpenSearch has a protected system index, `.opendistro_security`, which is used to store the Security configuration YAML files. You create this index using [securityadmin.sh]({{site.url}}{{site.baseurl}}/security/configuration/security-admin/). Even with a user account that has read permissions for all indexes, you can't directly access the data in this system index.

Instead, you first need to authenticate with an [admin certificate]({{site.url}}{{site.baseurl}}/security/configuration/tls/#configuring-admin-certificates) to gain access:

```bash
curl -k --cert ./kirk.pem --key ./kirk-key.pem -XGET 'https://localhost:9200/.opendistro_security/_search'
```

When Security is installed, the demo configuration automatically creates the `.opendistro_security` system index. It also adds several other indexes for the various OpenSearch plugins that integrate with the Security plugin:

```yml
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opendistro-asynchronous-search-response*"]
```

You can add additional system indexes in `opensearch.yml`. An alternative way to remove a system index is to delete it from the `plugins.security.system_indices.indices` list on each node and restart OpenSearch.
Reorganize Configuration section of the Security TOC (#2212) * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * Rename security section. Fix links. Add redirects Signed-off-by: Naarcha-AWS <naarcha@amazon.com> --------- Signed-off-by: cwillum <cwmmoore@amazon.com> Signed-off-by: Naarcha-AWS <naarcha@amazon.com> Co-authored-by: Naarcha-AWS <naarcha@amazon.com> 2023-01-27 13:12:47 -05:00			`---`
			`layout: default`
			`title: System indexes`
			`parent: Configuration`
			`nav_order: 4`
			`---`

			`# System indexes`

			By default, OpenSearch has a protected system index, `.opendistro_security`, which is used to store the Security configuration YAML files. You create this index using [securityadmin.sh]({{site.url}}{{site.baseurl}}/security/configuration/security-admin/). Even with a user account that has read permissions for all indexes, you can't directly access the data in this system index.

Link fix (#3223) Signed-off-by: Fanit Kolchina <kolchfa@amazon.com> 2023-03-06 11:41:22 -05:00			`Instead, you first need to authenticate with an [admin certificate]({{site.url}}{{site.baseurl}}/security/configuration/tls/#configuring-admin-certificates) to gain access:`
Reorganize Configuration section of the Security TOC (#2212) * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * fix#2155-sec-toc-config-reorg Signed-off-by: cwillum <cwmmoore@amazon.com> * Rename security section. Fix links. Add redirects Signed-off-by: Naarcha-AWS <naarcha@amazon.com> --------- Signed-off-by: cwillum <cwmmoore@amazon.com> Signed-off-by: Naarcha-AWS <naarcha@amazon.com> Co-authored-by: Naarcha-AWS <naarcha@amazon.com> 2023-01-27 13:12:47 -05:00
			```bash
			`curl -k --cert ./kirk.pem --key ./kirk-key.pem -XGET 'https://localhost:9200/.opendistro_security/_search'`
			```

			When Security is installed, the demo configuration automatically creates the `.opendistro_security` system index. It also adds several other indexes for the various OpenSearch plugins that integrate with the Security plugin:

			```yml
			`plugins.security.system_indices.enabled: true`
			`plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert", ".opendistro-anomaly-results", ".opendistro-anomaly-detector", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-", ".opendistro-notifications-", ".opendistro-notebooks", ".opendistro-asynchronous-search-response"]`
			```

			You can add additional system indexes in `opensearch.yml`. An alternative way to remove a system index is to delete it from the `plugins.security.system_indices.indices` list on each node and restart OpenSearch.