Commit Graph

165 Commits

Author SHA1 Message Date
Naarcha-AWS 146a01c78e
Merge pull request #420 from mm-govau/security-roles-in-dls
Documentation for security roles to be used for DLS parameter substit…
2022-05-25 14:53:26 -05:00
hdhalter e6d0a9d96f
Merge pull request #600 from opensearch-project/Fix-#580
Removed OpenDistro from GET command (Issue #580)
2022-05-23 17:22:55 -07:00
Heather Halter ac509b2566 “fixed
Signed-off-by: Heather Halter <hdhalter@amazon.com>
2022-05-23 14:03:11 -07:00
alicejw 6e65cf2494 for editor's review comments
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-11 14:33:50 -07:00
alicejw e473df4cce found more instances of to change to for
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-06 15:50:26 -07:00
alicejw 3d1087ed60 i found out that the original term was correct here, it is a term lookup query, not the generic so changing it back.
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-06 15:48:06 -07:00
alicejw 2d5062d85b disambiguate use of TLQ acronym applied incorrectly to because it represents instead.
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-06 15:39:01 -07:00
Naarcha-AWS aa9f88e37a
Merge pull request #509 from opensearch-project/whitelist-replace2.0
Add allowlist for more inclusive nomenclature
2022-05-03 14:50:25 -05:00
Naarcha-AWS c6f7341993 Break up allowlist
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-05-03 14:49:55 -05:00
Naarcha-AWS 73eea241ef Remove use of allowlist
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-05-03 14:38:37 -05:00
Naarcha-AWS 28194d5653 Add CamelCase:
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-05-03 14:36:26 -05:00
Naarcha-AWS 35bfcd883d
Merge pull request #512 from opensearch-project/remove-mapping-types2.0
Remove type from all API requests and responses
2022-05-03 14:33:31 -05:00
Naarcha-AWS 9cc549f0d9
Merge pull request #516 from alicejw-aws/DLS-issue-474
[issue 474] document DLS mode usage for Term Lookup Query support
2022-05-03 14:28:17 -05:00
alicejw f8da06360a for editor review updates
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-02 14:09:18 -07:00
alicejw 388b57cad2 to fix table format
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 18:00:05 -07:00
alicejw 2ece32042c include full mode name
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 17:37:33 -07:00
alicejw ab644a3daa more rewrites for clarity
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 17:34:28 -07:00
alicejw e176dffb66 rewrite to make concise within a single table
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 16:53:52 -07:00
alicejw 543bff618c for evaluation mode table
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 16:46:06 -07:00
alicejw b263e000a1 to make TQL consistent and add link to term-level queries section
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 15:32:03 -07:00
Naarcha-AWS 9194940dbf Add feedback.
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-04-25 12:46:16 -05:00
alicejw 306885ca9c for reviewer feedback updates
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-25 10:12:33 -07:00
alicejw 40f7b00960 for TQL with document-level security modes for issue https://github.com/opensearch-project/documentation-website/issues/474
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-21 18:47:14 -07:00
Darshit Chanpura 2e5bcf1924 Updates all documentation relevant to securityconfig folder name change in the security plugin build flow
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
2022-04-14 22:47:09 -04:00
alicejw 19e11b85fb updates for reviewer comments
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-14 12:43:13 -07:00
alicejw db3de3b235 for review comment/update
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-14 11:48:51 -07:00
Naarcha-AWS 0a24fa2992 Remove from all API requests and responses
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-04-14 12:55:17 -05:00
Naarcha-AWS e5ed103a1a Add allowlist for more inclusive nomenclature
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-04-14 12:27:27 -05:00
alicejw 99132b618a more concise descriptions
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-13 17:46:20 -07:00
alicejw 0293b0b048 more clarity about independent operations of a user's global vs private tenant
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-13 17:37:46 -07:00
alicejw 49499216c0 for clarifying global and primary tenant functionality per doc bug https://github.com/opensearch-project/documentation-website/issues/488
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-13 17:18:29 -07:00
Liz Snyder 65a719b60f Add default o11y roles
Signed-off-by: Liz Snyder <elizabsn@amazon.com>
2022-04-12 10:15:44 -07:00
keithhc2 416a3b1cea Added observability permissions
Signed-off-by: keithhc2 <keithhc2@users.noreply.github.com>
2022-04-11 16:08:06 -07:00
Jean-Christian Simonetti 8cb010552e Documentation for security-dashboards-plugin PR929
Signed-off-by: Jean-Christian Simonetti <github@elysiria.fr>
2022-04-09 11:33:50 +02:00
Naarcha-AWS 05b4aff4ee Add feedback
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-02-23 13:30:59 -06:00
Naarcha-AWS 6885fe37af Fix typos
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-02-22 15:11:59 -06:00
Naarcha-AWS 8c61db15df Add warning about Kerberos support in Dashboards
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-02-22 15:08:50 -06:00
Matthew Moreland fac8b9676c Documentation for security roles to be used for DLS parameter substitution. Added under opensearch-project/security/#1568
Signed-off-by: Matthew Moreland <matthew.moreland1@defence.gov.au>
2022-02-22 14:11:20 +11:00
Anthony7774 fc077224a7 Update to LDAP docs for multiple user and role bases
Signed-off-by: Anthony7774 <anton.rubin@eliatra.com>
2022-01-28 10:53:17 +00:00
ashwinkumar12345 bbe5a50906 “..”
Signed-off-by: ashwinkumar12345 <kumarjao@users.noreply.github.com>
2022-01-10 09:08:57 -08:00
Miki 13dd9a4e02 Separate OpenSearch Dashboards version from that of OpenSearch
Signed-off-by: Miki <miki@amazon.com>
2021-12-22 11:27:02 -08:00
Keith Chan 403850b412
Merge pull request #323 from opensearch-project/java-client-and-security-fixes
Added security instructions to Java clients and fixed audit log child pages
2021-12-16 10:16:42 -08:00
keithhc2 78b8930f58 Fixed cert names
Signed-off-by: keithhc2 <keithhc2@users.noreply.github.com>
2021-12-15 13:13:18 -08:00
keithhc2 164a9a57c4 Changed index name back to kibana
Signed-off-by: keithhc2 <keithhc2@users.noreply.github.com>
2021-12-10 13:47:49 -08:00
keithhc2 0ab79cbdb6 Added security instructions to Java clients
Signed-off-by: keithhc2 <keithhc2@users.noreply.github.com>
2021-12-08 15:00:01 -08:00
ashwinkumar12345 987bc7c4ab validation api 2021-11-08 11:41:49 -08:00
YuCheng Hu 5547b38aaa Test Compile 2021-10-29 14:30:58 -04:00
YuCheng Hu d37b2d99c4 Test Chinese version for init build 2021-10-29 14:25:42 -04:00
Ashwin Kumar d991dd48c5
Merge pull request #234 from opensearch-project/rev_parameter
Added -rev parameter to securityadmin.sh
2021-10-20 13:34:42 -07:00
Sebas-h 0d6010716a
Fix authc configuration format. 2021-10-18 12:47:34 +02:00
MrpPolo cc6f01b92c
Update proxy.md
Update opensearch_dashboards setting to latest version.
2021-10-14 14:35:57 +08:00
ashwinkumar12345 866ab1a039 first draft 2021-10-13 12:13:38 -07:00
Andrew Etter 83a6779bb9
Merge pull request #192 from opensearch-project/cross-cluster-replication
Cross-cluster replication docs
2021-10-05 15:20:59 -07:00
Andrew Etter 4b5402ad01
Merge pull request #172 from opensearch-project/ism-security
Added security to ISM
2021-10-05 15:19:49 -07:00
Liz Snyder 214f82f1e3 Merge branch 'main' of https://github.com/opensearch-project/documentation-website into cross-cluster-replication 2021-09-30 16:22:36 -07:00
Liz Snyder 5862b1b300 First crack at CCR docs 2021-09-30 16:10:28 -07:00
aetter 973d967514 Update impersonation.md 2021-09-29 14:57:46 -07:00
aetter 65d2ef4860 Re-add SAML example 2021-09-29 09:29:41 -07:00
aetter d4c20f0402 Re-add LDAP Docker example
Update Docker Compose file
2021-09-28 15:33:48 -07:00
Andrew Etter 48d1603ed1
Merge pull request #187 from opensearch-project/permissions-improvements
Improve permissions introduction
2021-09-28 13:53:15 -07:00
aetter 01a9fb6d6d Adding async back in, just in case 2021-09-28 11:10:36 -07:00
aetter cbdefc2463 Improve permissions introduction
Also corrects some permissions names that still use `opendistro`, adds missing permissions, adds some short () description to unclear permissions.
2021-09-28 10:54:04 -07:00
Keith Chan a38eb15400
Merge pull request #183 from opensearch-project/security-yml-files
Add descriptions to config yaml files and added some security APIs
2021-09-27 17:08:12 -07:00
keithhc2 dc69f8010b Added a setting to enable patch configuration 2021-09-27 17:07:38 -07:00
keithhc2 c85fd21b4f Addressed comments 2021-09-27 10:07:37 -07:00
keithhc2 430b9fed50 Added "security" 2021-09-24 14:53:33 -07:00
keithhc2 e8a863e943 Minor language tweak 2021-09-24 14:23:17 -07:00
keithhc2 b12dab6705 Add descriptions to config yaml files and added some security APIs 2021-09-24 14:13:26 -07:00
aetter d2ba96967b Give CCS Compose file unique node names
Avoid weird conflicts if you use our main Compose file and then try to use this one.
2021-09-24 13:49:48 -07:00
aetter 30378f0076 Sentence case access control page names 2021-09-21 12:34:59 -07:00
aetter 21ae64aac9 Move to h2 2021-09-17 14:17:21 -07:00
keithhc2 a69440b262 Addressed comments 2021-09-15 13:47:04 -07:00
keithhc2 0b9f197358 Added security to ISM 2021-09-10 11:57:30 -07:00
aetter 243c7315e4 Update generate-certificates.md 2021-09-08 08:34:57 -07:00
aetter eaba608cfd Update some Dashboards settings paths 2021-09-07 15:28:29 -07:00
aetter 00d2db4917 De-duplicate content
Point readers to the more comprehensive content: https://github.com/opensearch-project/documentation-website/issues/144
2021-08-18 14:17:41 -07:00
aetter b695c750ad Improve self-signed certificate script 2021-08-17 12:46:50 -07:00
Andrew Etter 294da5c0df
Merge pull request #135 from opensearch-project/security-admin-script-improvements
Improve securityadmin.sh content
2021-08-16 08:32:36 -07:00
Keith Chan f7093ffd8f
Changed `plugins` to `opensearch_security` 2021-08-13 11:12:23 -07:00
aetter d1a065587c Fix typo 2021-08-12 16:29:17 -07:00
aetter 6f32dce469 Merge branch 'main' into remove-redirects 2021-08-12 14:50:28 -07:00
Miki 634db90e9b Link checker plugin and some fixes to URLs
Signed-off-by: Miki <mehranb@amazon.com>
2021-08-12 14:45:04 -07:00
aetter 0d58bcf854 Remove outdated redirects 2021-08-12 14:34:31 -07:00
aetter a75fbf62dc Improve securityadmin.sh content
More warnings around usage, better sample commands
2021-08-12 14:25:46 -07:00
aetter 187bccec6b Typo in security recommendation 2021-08-10 13:03:10 -07:00
Miki ba5bfa429f Fix paths in `redirect_from` data
Signed-off-by: Miki <mehranb@amazon.com>
2021-08-04 11:16:37 -07:00
Keith Chan 96a70a820a
Merge pull request #120 from opensearch-project/security-updates
Added whitelist.yml
2021-07-28 13:39:55 -07:00
keithhc2 dc2f349d7e Addressed comment and added note about users and roles 2021-07-28 13:21:25 -07:00
keithhc2 30df98e078 Added whitelist.yml 2021-07-28 11:41:08 -07:00
aetter 5f678cd814 Add "introduced" labels for APIs 2021-07-26 16:14:22 -07:00
keithhc2 c961ca45d0 Added "openid_connect_idp" to TLS configurations 2021-07-16 15:11:11 -07:00
Horvv 9ae5a6bfc8
Update disable.md
The line to create the new image by deactivating the security plugin uses "security-dashboards" and this returns the following error:

docker build --tag=opensearch-dashboards-no-security .                                                                                                      
Sending build context to Docker daemon   5.12kB
Step 1/3 : FROM opensearchproject/opensearch-dashboards:1.0.0
 ---> 6a109c3fbebf
Step 2/3 : RUN /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove security-dashboard
 ---> Running in 965b66ef7abd
Unable to remove plugin because of error: "Plugin [security-dashboard] is not installed"
The command '/bin/sh -c /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove security-dashboard' returned a non-zero code: 74



Instead using the correct plugin name "securityDashboards" the image compiles correctly:

docker build --tag=opensearch-dashboards-no-security .                                                                                                       
Sending build context to Docker daemon  6.144kB
Step 1/3 : FROM opensearchproject/opensearch-dashboards:1.0.0
 ---> 6a109c3fbebf
Step 2/3 : RUN /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove securityDashboards
 ---> Using cache
 ---> bb9a535b8e42
Step 3/3 : COPY --chown=opensearch-dashboards:opensearch-dashboards opensearch_dashboards.yml /usr/share/opensearch-dashboards/config/
 ---> e6e76bba8a4f
Successfully built e6e76bba8a4f
Successfully tagged opensearch-dashboards-no-security:latest


Ref:
-  https://opensearch.org/docs/dashboards/install/plugins/#list-installed-plugins
-  https://github.com/opensearch-project/documentation-website/blob/main/_dashboards/install/plugins.md
2021-07-13 19:06:13 +02:00
aetter b8bf7a2f1d Add link recommending password policy 2021-07-11 18:10:36 -07:00
aetter 6c6c9c619f Merge branch 'main' into security-issues 2021-07-11 18:02:29 -07:00
aetter 79b647ee62 Add SSL configuration for Dashboards 2021-07-09 15:33:35 -07:00
Keith Chan e5bec0b980
Yet another tweak 2021-07-09 15:09:57 -07:00
keithhc2 d3d9774eaf Another minor tweak 2021-07-09 15:06:47 -07:00
keithhc2 e484b3e93f Minor language fix 2021-07-09 15:05:09 -07:00
keithhc2 d7ce813388 Added opensearch.yml and password regex rules 2021-07-09 15:03:41 -07:00
Wadim Kruse 8fbdb4ba11
Fix command to remove security plugin
See https://github.com/opensearch-project/OpenSearch-Dashboards/issues/465
2021-07-02 13:38:01 +02:00