opensearch-docs-cn/_security-plugin/configuration/system-indices.md

27 lines
1.5 KiB
Markdown
Raw Normal View History

2021-05-28 13:48:19 -04:00
---
layout: default
title: System Indices
parent: Configuration
nav_order: 15
2021-05-28 18:20:24 -04:00
redirect_from: /docs/security/configuration/system-indices/
2021-05-28 13:48:19 -04:00
---
# System indices
2021-06-09 22:15:41 -04:00
By default, OpenSearch has a protected system index, `.opensearch_security`, which you create using [securityadmin.sh]({{site.url}}{{site.baseurl}}/security-plugin/configuration/security-admin/). Even if your user account has read permissions for all indices, you can't directly access the data in this system index.
2021-05-28 13:48:19 -04:00
You can add additional system indices in in `opensearch.yml`. In addition to automatically creating `.opensearch_security`, the demo configuration adds several indices for the various OpenSearch plugins that integrate with the security plugin:
```yml
2021-06-08 18:35:12 -04:00
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opendistro-asynchronous-search-response*"]
2021-05-28 13:48:19 -04:00
```
2021-06-09 22:15:41 -04:00
To access these indices, you must authenticate with an [admin certificate]({{site.url}}{{site.baseurl}}/security-plugin/configuration/tls/#configure-admin-certificates):
2021-05-28 13:48:19 -04:00
```bash
curl -k --cert ./kirk.pem --key ./kirk-key.pem -XGET 'https://localhost:9200/.opensearch_security/_search'
```
2021-06-08 18:35:12 -04:00
The alternative is to remove indices from the `plugins.security.system_indices.indices` list on each node and restart OpenSearch.